invalid context: httpd_sys_content_rw_t

Braden McDaniel braden at endoframe.com
Sat Mar 14 06:45:43 UTC 2009


On Fri, 2009-03-13 at 08:29 -0400, Stephen Smalley wrote:
> On Fri, 2009-03-13 at 05:10 -0400, Braden McDaniel wrote:
> > I'm trying to let httpd write to a subdirectory of ~/public_html and I'm
> > running into SELinux errors on Fedora 10.  The error message directs me
> > to "man httpd_selinux", which describes several context types.  Of
> > these, httpd_sys_content_rw_t sounds like what I want; however, chcon
> > doesn't seem to know about it:
> > 
> >         $ chcon -R httpd_sys_content_rw_t mydir
> >         chcon: invalid context: httpd_sys_content_rw_t
> 
> You would need to use the "-t" option to specify just the type without
> specifying a full security context.

Aha.

>   But you should be able to just run:
> 	restorecon -v mydir

That makes the type "httpd_user_content_t", which doesn't let httpd
write to the directory.  Using "chcon -t" to change the type to
httpd_user_content_rw_t does the trick, though.  Thanks.

-- 
Braden McDaniel                           e-mail: <braden at endoframe.com>
<http://endoframe.com>                    Jabber: <braden at jabber.org>





More information about the fedora-list mailing list