On Sunday, December 26, 2010 04:00:56 pm Frank Licea wrote: > I'm on a fresh install of Fedora 14 and using phusion passenger. I > currently have SELinux in permissive mode. > > When I checked my /var/log/audit/audit.log file I noticed three denial > messages and I can't figure out why they are there. Has anyone encountered > anything similar before? It seems Apache (httpd_t) is trying to open/read some files that are labeled incorrectly. Apache (httpd_d) usually can only read files labeled as httpd_sys_content_t. In your case, the files are labeled as "unconfined_t". Usually you don't have this problem if you serve your pages from anywhere within the standard location (/var/www/html). If you're serving from other non-standard location you must tell SELinux about it. For example, if you're using /srv/myweb You'll need to register this location with: semanage fcontext -a -t httpd_sys_content_t '/srv/myweb(/.*)?' and then apply the labels: restorecon -R /srv/myweb HTH, Jorge -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
