On Fri, 2004-09-17 at 08:17, Cream[DONut] wrote: > when starting httpd, it just fails, there are no AVC messages in > /var/log, but for testing purpose I set DocumentRoot to the / root of > the server, which worked, then i tried going to /home, which didnt work, > I couldnt open /home/xxxxxx or /home/xxxxxx/www. BTW, when you see no AVC messages but think that SELinux is the culprit, do a 'make enableaudit load' in the policy source directory and try again, and then do a 'make clean load' to revert. That is noted in the Fedora SELinux FAQ. Certain audit messages are explicitly suppressed by default using dontaudit rules in the policy to avoid filling the logs with noise, and the 'enableaudit' removes those rules to ensure that you see every denial. -- Stephen Smalley <sds@xxxxxxxxxxxxxx> National Security Agency
