[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: SELinux & apache/httpd access to /home/*/www

From: Daniel J Walsh <dwalsh redhat com>
To: "Fedora SELinux support list for users & developers." <fedora-selinux-list redhat com>
Subject: Re: SELinux & apache/httpd access to /home/*/www
Date: Wed, 15 Sep 2004 10:57:33 -0400

Cream[DONut] wrote:

Hello,

My problem is this: I host some small PHP & MySQL websites for friends and family, they have their VirtualHost DocumentRoot's in "/home/[name]/www" (and is working fine with SELinux disabled).

I am running SELinux with SELINUX=enforcing, SELINUXTYPE=targeted.

SELinux seems to be blocking httpd from accessing /home/name/www, atleast when trying to start apache it complains: Starting httpd: Warning: DocumentRoot [/home/xxxxxx/www] does not exist Warning: DocumentRoot [/home/yyyyy/www] does not exist [FAILED]

There are a couple of ways to handle this. This is in the order of most protection.

1. In order to maintain the SELinux protection on Apache, you could change the context of the directrory and files you wish to share. a chcon -t -R httpd_user_content_t /home/*/www b Then restart apache and try to access the pages. service httpd restart

2. You can disable SELinux protextion for apache. a. Run selinux-config-securitylevel and select the SELinux tab. b. In the Modify SELinux Policy box, select the transitions list item and expand. c. Check the Disable SELinux protection for httpd daemon line. d. Click ok e. Restart apache service httpd restart 3. Disable SELinux a. Run selinux-config-securitylevel and select the SELinux tab. b. UnClick Enabled c. Click Ok d. Reboot.

Follow-Ups:
- Re: SELinux & apache/httpd access to /home/*/www
  - From: Cream[DONut]

References:
- SELinux & apache/httpd access to /home/*/www
  - From: Cream[DONut]

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]