Hi,
Firstly apologies if what I'm about to ask is obvious, I'm kind of
new to selinux and I'm trying to read the relevant docs but I don't
understand something. If what I ask is covered in a document then
I'd appreciate a pointer.
Okay so I just installed apache from RPM on fedora core 3 and when I
try to start it I get the following:
# service httpd start
Starting httpd: Syntax error on line 266 of
/etc/httpd/conf/httpd.conf:
DocumentRoot must be a directory
In /var/log/messages:
Dec 20 16:28:32 becks kernel: audit(1103560112.198:0): avc: denied
{ search } for pid=27331 exe=/usr/sbin/httpd name=/ dev=dm-1 ino=2
scontext=root:system_r:httpd_t tcontext=system_u:object_r:file_t
tclass=dir
I am using the targeted policy.
Now, the only thing I have changed is, instead of having my document
root be /var/www/html I've put it in /data/www. I edited
/etc/selinux/targeted/src/policy/file_contexts/program/apache.fc to
reflect the fact that my content is in a different place and did do
a restorecon to relabel things under /data.
What I don't understand is the reference to /. Why is selinux
denying httpd searching /? This is a new install and selinux has
been enabled from the start so / should be labelled correctly..
What am I missing?
Thanks,
Andy
Attachment:
pgppMpAgSrvyp.pgp
Description: PGP signature
