SELinux/httpd integration
Karsten Wade
kwade at redhat.com
Tue Nov 23 23:32:06 UTC 2004
On Tue, 2004-11-23 at 07:48, Joe Orton wrote:
> I'm going to add this text to /etc/httpd/conf.d/subversion.conf since it
> (currently :) works out-of-the-box: is the terminology "labelled with a
> context" correct?
Yes.
> #
> # Example configuration to enable HTTP access for a directory
> # containing Subversion repositories, "/var/www/svn". Each repository
> # must be readable and writable by the 'apache' user. Note that if
> # SELinux is enabled, the repositories must be labelled with a context
> # which httpd can write to; this will happen by default for
> # directories created in /var/www.
> #
Do you want to consider what to do if a user has an existing SVN
repository that they want to drop into /var/www? If the directory
already has SELinux xattrs and you mv or cp it to the location, it will
have the wrong label.
A simple 'restorecon -R /var/www' will take care of this, recursively
giving /var/www/svn the parent context.
- Karsten
--
Karsten Wade, RHCE, Tech Writer
a lemon is just a melon in disguise
http://people.redhat.com/kwade/
gpg fingerprint: 2680 DBFD D968 3141 0115 5F1B D992 0E06 AD0E 0C41
More information about the fedora-selinux-list
mailing list