SELinux and Big Brother
Stephen Walton
stephen.walton at csun.edu
Mon Nov 14 22:36:08 UTC 2005
I just got Big Brother working on Fedora Core 4 with SELinux enabled.
The key steps:
1. With SELinux turned on, apache adamantly refuses to follow symbolic
links, even if FollowSymLinks is set in httpd.conf. (Is this a bug?) The
only workaround I've been able to find is a bind mount:
# mkdir /var/www/html/bb
# mount -o bind /home/bb/bb/www /var/www/html/bb
2. Change the context:
# chcon -R -h -t httpd_user_content_t /home/bb/bb/www
3. Change the two 'mv' commands in bb-display.sh to 'cp' commands so
that the contexts get preserved when the page is regenerated.
Of course in the above I'm assuming DocumentRoot in apache is set to
/var/www/html and that your Big Brother server files are in
/home/bb/bb. Change as appropriate for your setup.
More information about the fedora-selinux-list
mailing list