On Thu, 4 Sep 2008 20:07:10 -0700 "Robert J. Carr" <rjcarr@xxxxxxxxx> wrote: > Hopefully this is a quick question to those that know SELinux more > than I do, which wouldn't be very hard to accomplish. > > I'm migrating a (working) environment from one server running Fedora 7 > to another running Fedora 9. After pulling my hair out for most of > the day I've found out the problem is with SELinux because when I > turned it off temporarily everything worked fine. > > Not to get into too much detail, but my problem came from apache not > being able to access a file (although the error isn't quite that > clear). Between the working environment and the non-working > environment I can only see a couple differences in the selinux config > files in /etc, but these have never been touched in either instance. > > The context labels are a bit different too. The working environment > has these selinux context labels: > > user_u:object_r:httpd_sys_content_t > > But the non-working environment has these context labels: > > unconfined_u:object_r:httpd_sys_content_t:s0 > > It seems to get an extra field and the user changes to unconfined. Is > this relevant? > > There is nothing else that I can find different, is there anything > else that could be the problem? > > Any advice would be greatly appreciated. You need to find the actual SELinux denials that are happening and post them. They'll be in /var/log/audit/audit.log if you're running the audit daemon, and /var/log/messages of you're not. Paul. -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
