Cannot FTP to /var/www/don/html with SELinux enabled
Paul Howarth
paul at city-fan.org
Tue May 30 07:21:40 UTC 2006
On Mon, 2006-05-29 at 21:47 -0700, Don wrote:
> Hi,
> I have two problems which I think they are similar.
>
> 1) I have a directory /var/www/don/html which is owned by don. I
> want to ftp some web pages, but I cannot cd to /var/www/don/html when
> SELinux is enabled. When I turn SELinux off it works. What do I
> need to set to allow this.
You'll need to allow this area to be writable by your ftp server as far
as SELinux is concerned. It might be enough to do:
# chcon -R -t public_content_rw_t /var/www/don/html
# setsebool -P allow_ftpd_anon_write 1
but I suspect you'll also need a local policy tweak to allow the ftp
server to access /var/www/don in the first place. If the above commands
don't work, look in /var/log/messages for lines containing "avc:
denied" after the time you made these changes, and post what you find
here.
> 2) If I ftp the html files to my home dir the and copy them to
> /var/www/don/html they cannot we read by the browser while SELinux is enabled.
You'll need to change the security context of the files after copying
them if you do it this way.
$ chcon -R -t httpd_sys_content_t /var/www/don/html
Paul.
More information about the fedora-selinux-list
mailing list