On Mon, Dec 20, 2004 at 11:37:30AM -0500, Colin Walters wrote: > On Mon, 2004-12-20 at 16:32 +0000, Andy Smith wrote: > > > Now, the only thing I have changed is, instead of having my document > > root be /var/www/html I've put it in /data/www. I edited > > /etc/selinux/targeted/src/policy/file_contexts/program/apache.fc to > > reflect the fact that my content is in a different place and did do > > a restorecon to relabel things under /data. > > Did you do a 'make -C /etc/selinux/targeted/src/policy reload' ? Note > that restorecon works on /etc/selinux/targeted/contexts/file_contexts > which is generated from the .fc files. I did "make load", that would have been enough, right? > > What I don't understand is the reference to /. Why is selinux > > denying httpd searching /? > > Note that the path reference is relative; it looks to me like it's > trying to read / from dm-1, which presumably is your /data partition, > which has the default label of file_t. > > Try this: > > chcon -R -h -t httpd_sys_content_t /data Ah! That makes a lot more sense now, thanks.
Description: PGP signature