first encounters with SELINUX, with some suggestions
Karsten Wade
kwade at redhat.com
Tue Nov 9 20:05:04 UTC 2004
On Tue, 2004-11-09 at 10:26, Colin Walters wrote:
> On Tue, 2004-11-09 at 13:12 +0100, Thomas Vander Stichele wrote:
> > Hi,
> >
> > I upgraded to FC3 this weekend. I always try and go with the defaults
> > on a new install, because when fielding bug reports for my various
> > projects I prefer to make the defaults work first so bug reporters and I
> > have a common ground to work with.
> >
> > Since the default SELINUX policy is "targeted" I chose this, bracing
> > myself :)
> >
> > My first task was getting all my locally hosted websites to run.
> >
> > I have a few virtualhosts in my /home/thomas/www directory. When
> > starting apache, the service script complains about these directories
> > missing.
> >
> > Please note that I have a separate /home partition on hda6; I don't know
> > if this affects any policy (yet).
>
> Indeed, this is the root of the problem. Your /home partition isn't
> labeled since it was carried over from an earlier installation, so it
> gets the default_t type. Personally, I would have done:
>
> restorecon -v -R /home
>
> I don't think you would have seen this particular issue if you'd done a
> fresh installation.
>
> See also this question:
> http://fedora.redhat.com/docs/selinux-faq-fc3/index.html#id2963454
restoreceon -v -R /home is the best solution. fixfiles doesn't take a
path as an option, although I thought it did in the past (which is why I
had it in the FAQ).
This answer in the FAQ will be updated to give the two answers,
preferring restorecon for just relabeling a particular directory path,
and fixfiles for ensuring that every file on the system is properly
labeled.
thx - Karsten
--
Karsten Wade, RHCE, Tech Writer
a lemon is just a melon in disguise
http://people.redhat.com/kwade/
gpg fingerprint: 2680 DBFD D968 3141 0115 5F1B D992 0E06 AD0E 0C41
More information about the fedora-devel-list
mailing list