On Mon, 14 Nov 2005, Stephen Walton wrote: > I just got Big Brother working on Fedora Core 4 with SELinux enabled. > The key steps: > > 1. With SELinux turned on, apache adamantly refuses to follow symbolic > links, even if FollowSymLinks is set in httpd.conf. (Is this a bug?) The > only workaround I've been able to find is a bind mount: Don't know but... > > # mkdir /var/www/html/bb > # mount -o bind /home/bb/bb/www /var/www/html/bb Why don't you simply put something like the following in /etc/httpd/conf.d/bb.conf: # # Big Brother is a web based network monitoring program # Alias /bb /home/bb/bb/www <Directory /home/bb/bb/www/> order deny,allow deny from all allow from 127.0.0.1 allow from 192.168.0 </Directory> Season to taste of course. That way you do not have to mess with symlinks. > 2. Change the context: > > # chcon -R -h -t httpd_user_content_t /home/bb/bb/www > > 3. Change the two 'mv' commands in bb-display.sh to 'cp' commands so > that the contexts get preserved when the page is regenerated. That sounds like the piece I was missing. Thanks. > > Of course in the above I'm assuming DocumentRoot in apache is set to > /var/www/html and that your Big Brother server files are in > /home/bb/bb. Change as appropriate for your setup. That is a standard bb setup, so it should work for most. Regards, Tom Diehl tdiehl@xxxxxxxxxxxx Spamtrap address mtd123@xxxxxxxxxxxx -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
