Why does this get denied?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

Firstly apologies if what I'm about to ask is obvious, I'm kind of
new to selinux and I'm trying to read the relevant docs but I don't
understand something.  If what I ask is covered in a document then
I'd appreciate a pointer.

Okay so I just installed apache from RPM on fedora core 3 and when I
try to start it I get the following:

# service httpd start
Starting httpd: Syntax error on line 266 of
/etc/httpd/conf/httpd.conf:
DocumentRoot must be a directory

In /var/log/messages:

Dec 20 16:28:32 becks kernel: audit(1103560112.198:0): avc:  denied
{ search } for  pid=27331 exe=/usr/sbin/httpd name=/ dev=dm-1 ino=2
scontext=root:system_r:httpd_t tcontext=system_u:object_r:file_t
tclass=dir

I am using the targeted policy.

Now, the only thing I have changed is, instead of having my document
root be /var/www/html I've put it in /data/www.  I edited
/etc/selinux/targeted/src/policy/file_contexts/program/apache.fc to
reflect the fact that my content is in a different place and did do
a restorecon to relabel things under /data.

What I don't understand is the reference to /.  Why is selinux
denying httpd searching /?  This is a new install and selinux has
been enabled from the start so / should be labelled correctly..

What am I missing?

Thanks,
Andy

Attachment: pgppMpAgSrvyp.pgp
Description: PGP signature


[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux