httpd and userdir

Tanguy Eric eric.tanguy at univ-nantes.fr
Sun Oct 29 22:01:42 UTC 2006


Le dimanche 29 octobre 2006 à 14:55 -0700, Craig White a écrit :
> On Sun, 2006-10-29 at 22:43 +0100, Tanguy Eric wrote:
> > Le dimanche 29 octobre 2006 à 20:44 +0000, Andy Green a écrit :
> > > Tanguy Eric wrote:
> > > 
> > > > I have httpd running fine on a newly installed FC6 but i can't achieve
> > > > httpd to serve user's public_html directory. I commented 'UserDir
> > > > disable' and added 'UserDir public_html' in httpd.conf but when i try to
> > > > go to http://localhost/~tanguy/ i obtain You don't have permission to
> > > > access /~tanguy/ on this server. Is there something to do with selinux
> > > > or permissions ?
> > > 
> > > Check /var/log/messages for any selinux intervention, 
> > > /var/log/httpd/error_log for apache hints.
> > > 
> > > -Andy
> > > 
> > > 
> > 
> > I think it's a selinux problem : 
> > Oct 29 22:38:30 bureau kernel: audit(1162157910.280:5): avc:  denied
> > { getattr 
> > } for  pid=2341 comm="httpd" name="public_html" dev=dm-0 ino=5243211
> > scontext=sy
> > stem_u:system_r:httpd_t:s0 tcontext=user_u:object_r:user_home_t:s0
> > tclass=dir
> > 
> > but i don't speak fluently selinux ...
> > 
> > someone could help me to understand this and find a solution ?
> > Thanks
> ----
> you could wait around or you could go to 'Security Level and
> Firewall' (system-config-securitylevel)
> 
> and either change from Enforcing to Permissive (I think this requires
> reboot)
> or
> modify Security Policy => HTTPD => 'Allow HTTPD to read home
> directories' is checked and if necessary, as root...

I have already done this without any chances ...

> 
> fixfiles relabel /home 

Maybe i have to try this but it seems to want to relabel all the file
systems and not only /home.

> 
> (doing this from memory - you might want to reference man pages)
> 
> Craig
> 

Eric





More information about the fedora-list mailing list