SELinux, F8, and httpd
Nathan Grennan
fedora-list at cygnusx-1.org
Wed Feb 27 22:46:29 UTC 2008
How do I disable SELinux completely for httpd? In F7 from what I have
read it was "setsebool -P httpd_disable_trans 1". I get the errors below
when I try that. I looked in the policy files and couldn't find any
reference of it. I looked in system-config-selinux, and only found
options to tweak small aspects of SELinux for httpd, but not completely
disable it. I also notice there doesn't seem to be options to disable
selinux for any service. Not having a per service disable option means
your only recourse in some situations is simply to put SELinux in
permissive mode.
libsemanage.dbase_llist_set: record not found in the database
libsemanage.dbase_llist_set: could not set record value
Could not change boolean httpd_disable_trans
Could not change policy booleans
I want to disable httpd, because I don't want to have to run
restorecon ~/public_html/dir if I move a directory from ~/ to
~/public_html. I find the whole idea of restorecon funny. It isn't like
chown or chmod where you give it options telling it what to change it
to. It is just supposed to fall back on policy. So why not just have the
system automatically set the default policy on the move? You can say,
but there is chcon, but even if you use it to hand set something, if you
restorecon or relabel on boot are have used in the future it is likely
going to wipe any changes made with chcon.
More information about the fedora-list
mailing list