Allowing a apache to access a user folder by using semanage
Jan-Frode Myklebust
mykleb at no.ibm.com
Wed May 9 21:15:07 UTC 2007
On 2007-05-09, Josef Meile <jmeile at hotmail.com> wrote:
> Ok, then is httpd_sys_content_t the right one? I solve it as follows:
>
> semanage fcontext -a -t httpd_t "/home/zopeuser/data(/.*)?"
> chcon -R -t httpd_sys_content_t /home/zopeuser/data
>
The semanage command should have set httpd_sys_content_t, not httpd_t.
semanage fcontext -a -t httpd_sys_content_t "/home/zopeuser/data(/.*)?"
restorecon -R /home/zopeuser/data
... I guess the restorecon will fail on a few symlinks again, but get
the rest right. I'd prefer restorecon over "chcon -t" just to make sure
the labeling rules are right, and woun't get wrong if you ever do a full
"touch /.autorelabel".
-jf
More information about the fedora-selinux-list
mailing list