Apache, Virtual Servers and SELinux

Michael Shaw mshaw at dowco.com
Sat Nov 12 19:06:12 UTC 2005 

Paul Howarth wrote:

>On Fri, 2005-11-11 at 12:02 -0800, Michael Shaw wrote:
>  
>
>>Hi all,
>>
>>I installed Apache on an FC4 machine, and I was trying to get Virtual 
>>servers working.  To do so, I had the following name based virtual 
>>servers.  I placed the following directives (among others) in my 
>>httpd.conf file:
>>
>>~~~~~~~~~~~~
>># Virtual host default
>><VirtualHost 192.168.1.25>
>>     ServerName default
>>    DocumentRoot "/var/www/html"
>>    DirectoryIndex index.php index.html index.htm index.shtml
>>     LogLevel debug
>>     HostNameLookups off
>></VirtualHost>
>>
>># Virtual host michael
>><VirtualHost 192.168.1.25>
>>    ServerAdmin mshaw at dowco.com
>>    DocumentRoot /home/michael/public_html/www
>>    ServerName michael
>>    DirectoryIndex index.html index.php
>></VirtualHost>
>>
>><Directory "/var/www/html">
>>        Options Indexes Includes FollowSymLinks
>>        AllowOverride None
>>        Allow from all
>>        Order allow,deny
>></Directory>
>>
>><Directory "/home/*/public_html/www">
>>        Options Indexes Includes FollowSymLinks
>>        AllowOverride None
>>        Order allow,deny
>>        Allow from all
>></Directory>
>>~~~~~~~~~~~~
>>
>>I was  very fristrated that the virtual server michael get giving me 
>>access denied errors.  I disabled SELinux and everythign worked.  So I 
>>tried fiddling away with all the HTTPD settings but cou;dn't get it to 
>>work with SELinux on, including "Allow HTTPD to read home directories".
>>
>>I have seen references to this on the Internet but not a cure.  Which 
>>check box am I missing?
>>    
>>
>
>Make sure your httpd-readable files have the correct context:
>
>$ chcon -R -t httpd_user_content_t /home/michael/public_html/www
>
>Paul.
>  
>
Never mind, changed my configuration to use the method at 
http://httpd.apache.org/doc/2.0/vhosts/mass.html#simple and now SELinux 
works when I allow access to home directories.

Though I will have to study what chcon mans: I know it means change 
context, but I will have to get used to it with cmod and chown.

Thanks though.
Michael

More information about the fedora-selinux-list mailing list