SELinux problem (was Re: Is httpd in FC3 chrooted???)
D. D. Brierton
darren at dzr-web.com
Tue Feb 8 14:20:01 UTC 2005
On Tue, 2005-02-08 at 13:33 +0000, D. D. Brierton wrote:
> Okay, it seems it's SELinux related. I'm currently reading my way
> through
>
> http://fedora.redhat.com/docs/selinux-apache-fc3/
>
> but if anyone has some advice I'd be grateful. Thanks!
One problem is that it seems that most of the files in my /home
partition don't have *any* SELinux security context, only newly created
files do.
Furthermore, the document above says that files in my home directory
should have type "user_home_t", whereas in fact all of the newly created
files in my home directory which do have a security context just have
type "file_t". Sigh. I'm confused. This is a bit of a baptism by fire --
all I wanted to do was get on with my work and instead I've spent the
morning learning about SELinux.
I tried to use restorecon, but it segfaults:
$ /sbin/restorecon -R -v /home/darren
/sbin/restorecon reset context /home/darren:->system_u:object_r:user_home_dir_t
Segmentation fault
I need to use either
chcon -R -t httpd_sys_content_t public_html
or
chcon -R -t httpd_user_content_t public_html
I think, so that Apache can access the DocumentRoots of my VirtualHosts
(they're all in ~/public_html/), but when I try either I get:
chcon: can't apply partial context to unlabeled file public_html/
which I take to mean that I also need to supply values for -u and -r,
but I don't what values I should be using.
I'd really appreciate some help!
Best, Darren
--
=====================================================================
D. D. Brierton darren at dzr-web.com www.dzr-web.com
Trying is the first step towards failure (Homer Simpson)
=====================================================================
More information about the fedora-list
mailing list