-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Anmol Bedi wrote: > Edit /etc/selinux/config > > and type: SELINUX=disabled > It would be enabled by default, so change it to disabled. do not do this. There are better ways than that. Just turning it off because it (correctly) gives an error message is not the correct, or the most sensible one. This is one of the policy options which has a boolean|toggle switch. You can see these on the SElinux tab in system-config-securitylevel, but if you have a handwritten netfilter|iptables firewall you should *not* run this tool as it will rewrite your firewall for you. the other way to see them is getsebool -a (or in your case getsebool -a|grep http) Out of the box the targeted SElinux policy prevents it accessing home directories. To enable this feature, do the following: setsebool -P httpd_enable_homedirs setsebool toggles this setting now. The -P makes it persistent across reboots. > Restart the pc. Done and then find that *all* of your network services are no longer protected against undiscovered|unpatched exploits. Kind Regards Stuart - -- Stuart Sears RHCA RHCSS RHCX "Quit worrying about your health. It'll go away." - - Robert Orben -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFE/EL5amPtx1brPQ4RAtKQAJ0QDfVN8otmh6um2t6lEe/IPvtDgACdHg4c VznOYiatLJJg83PDWjTeIl4= =xNa3 -----END PGP SIGNATURE----- -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
