disable selinux for httpd

Arthur Stephens astephens at ptera.net
Thu Dec 9 21:21:47 UTC 2004 

> What does id -Z return?
root:system_r:unconfined_t

> What does sestatus return?
SELinux status:         enabled
SELinuxfs mount:        /selinux
Current mode:           enforcing
Policy version:         18

Policy booleans:
allow_ypbind            active
dhcpd_disable_trans     inactive
httpd_disable_trans     active
httpd_enable_cgi        active
httpd_enable_homedirs   active
httpd_ssi_exec          active
httpd_tty_comm          inactive
httpd_unified           active
mysqld_disable_trans    inactive
named_disable_trans     inactive
named_write_master_zonesinactive
nscd_disable_trans      inactive
ntpd_disable_trans      inactive
portmap_disable_trans   inactive
postgresql_disable_transinactive
snmpd_disable_trans     inactive
squid_disable_trans     inactive
syslogd_disable_trans   inactive
ypbind_disable_trans    inactive

----- Original Message ----- 
From: "Daniel J Walsh" <dwalsh at redhat.com>
To: "Fedora SELinux support list for users & developers."
<fedora-selinux-list at redhat.com>
Sent: Thursday, December 09, 2004 12:40 PM
Subject: Re: disable selinux for httpd


> Arthur Stephens wrote:
>
> >I have no GUI - this is just a server.
> >
> >
> >>setsebool -P XYZ=0 permanantly turns off boolean XYZ.
> >>
> >>
> >I typed
> >setsebool -P httpd_disable_trans=1
> >Returned
> >usage: setsebool boolean value
> >
> >
> >
> >>system-config-securitylevel also does this.
> >>
> >>
> >This gives me only one option
> >firewall
> >
> >
> >
> This sounds like you are not running SELinux or are on a screwed up
machine.
>
> What does id -Z return?
>
> What does sestatus return?
>
>
> >: (
> >
> >Arthur Stephens
> >Senior Sales Technician
> >Ptera Wireless Internet
> >astephens at ptera.net
> >509-927-Ptera
> >
> >----- Original Message ----- 
> >From: "Daniel J Walsh" <dwalsh at redhat.com>
> >To: "Fedora SELinux support list for users & developers."
> ><fedora-selinux-list at redhat.com>
> >Sent: Thursday, December 09, 2004 12:05 PM
> >Subject: Re: disable selinux for httpd
> >
> >
> >
> >
> >>Arthur Stephens wrote:
> >>
> >>
> >>
> >>>Ok I have given up on getting httpd to work under selinux
> >>>I would like it disabled it for httpd.
> >>>I know how to do that temporary with setsebool but how does one make
> >>>that permanent?
> >>>
> >>>Maybe when I have some time to spare :) I can come back to it.
> >>>
> >>>Arthur Stephens
> >>>Senior Sales Technician
> >>>Ptera Wireless Internet
> >>>astephens at ptera.net <mailto:astephens at ptera.net>
> >>>509-927-Ptera
> >>>
>
>>>------------------------------------------------------------------------
> >>>
> >>>--
> >>>fedora-selinux-list mailing list
> >>>fedora-selinux-list at redhat.com
> >>>http://www.redhat.com/mailman/listinfo/fedora-selinux-list
> >>>
> >>>
> >>>
> >>setsebool -P XYZ=0 permanantly turns off boolean XYZ.
> >>system-config-securitylevel also does this.
> >>
> >>--
> >>fedora-selinux-list mailing list
> >>fedora-selinux-list at redhat.com
> >>http://www.redhat.com/mailman/listinfo/fedora-selinux-list
> >>
> >>
> >
> >--
> >fedora-selinux-list mailing list
> >fedora-selinux-list at redhat.com
> >http://www.redhat.com/mailman/listinfo/fedora-selinux-list
> >
> >
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> http://www.redhat.com/mailman/listinfo/fedora-selinux-list

More information about the fedora-selinux-list mailing list