changes from fedora 7 to 9
Daniel J Walsh
dwalsh at redhat.com
Fri Sep 5 14:19:08 UTC 2008
Robert J. Carr wrote:
> Hopefully this is a quick question to those that know SELinux more
> than I do, which wouldn't be very hard to accomplish.
>
> I'm migrating a (working) environment from one server running Fedora 7
> to another running Fedora 9. After pulling my hair out for most of
> the day I've found out the problem is with SELinux because when I
> turned it off temporarily everything worked fine.
>
> Not to get into too much detail, but my problem came from apache not
> being able to access a file (although the error isn't quite that
> clear). Between the working environment and the non-working
> environment I can only see a couple differences in the selinux config
> files in /etc, but these have never been touched in either instance.
>
> The context labels are a bit different too. The working environment
> has these selinux context labels:
>
> user_u:object_r:httpd_sys_content_t
>
> But the non-working environment has these context labels:
>
> unconfined_u:object_r:httpd_sys_content_t:s0
>
> It seems to get an extra field and the user changes to unconfined. Is
> this relevant?
>
> There is nothing else that I can find different, is there anything
> else that could be the problem?
>
> Any advice would be greatly appreciated.
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
Also pipe them through audit2why it might tell you you need to turn on a
boolean.
grep http /var/log/audit/audit.log | audit2allow -w
More information about the fedora-selinux-list
mailing list