[CentOS-docs] doc?: TipsAndTricks/ApacheVHostDir
Manuel Wolfshant
wolfy at nobugconsulting.ro
Fri Sep 4 00:39:44 UTC 2009
On 09/04/2009 12:12 AM, Ed Heron wrote:
> From: "Filipe Brandenburger", Thursday, September 03, 2009 1:27 PM
>
>
>> Hi,
>>
>> On Thu, Sep 3, 2009 at 15:13, Ed Heron<Ed at heron-ent.com> wrote:
>>
>>>> [1] I am not sure what will happen after a full relabeling of the
>>>> system, since the new directory does not exist in the selinux database
>>>> (I mean /etc/selinux/targeted/contexts/files/file_contexts, part of
>>>> selinux-policy)
>>>>
>>> I added a disclaimer. Does it cover it?
>>>
>> The right way to fix it is to use "semanage fcontext" (see "man
>> semanage") to make that change permanent even after a relabel.
>>
>> I believe it should be something like:
>> # semanage fcontext -a -t httpd_config_t "/etc/httpd/vconf\.d(/.*)?"
>>
>> After that, you can use "restorecon" instead of "chcon":
>> # restorecon -R /etc/httpd/vconf.d
>>
>> I did not test those above, so if you want to add them to the Wiki
>> page you should test them before you do.
>>
>
> Interestingly...
>
> # semanage fcontext -l | grep http
>
> returns, among other things,
> /etc/httpd(/.*)? all files
> system_u:object_r:httpd_config_t:s0
>
> so, the newly created directory is covered...
>
right. seems like dan walsh and his team already took care of our crazy
ideas :)
> I also found...
> /etc/vhosts regular file
> system_u:object_r:httpd_config_t:s0
>
> Not entirely sure what that is there for, except to cover people doing
> wierded things than I'm proposing...
>
Must be a placeholder for more crazy ideas. Unless my yum knowledge is
deeply affected by the hour and my vacation which starts in 16 hours,
nothing in the main repo seems to provide that file.
>> But I still agree that just using "conf.d" achieves exactly the same
>> results with a lot less work, so it would still be my advice...
>>
>
> I now agree that the same results are achieved with virtual host files in
> conf.d
>
> I have updated the page. Have I acceptably promoted the 'preferred' method?
>
I would provide a few more details under the "Virtual Host files can be
placed in the configuration directory directly or by link." category
(i.e. about the separate folder with configs and symlinks to
conf.d/vhost.d). But yes, now it looks much better. Even though your
over engineered method is way too complex, given that simply dropping
the configuration files in the default conf dir achieves the very same
result with much less effort and, more important, no risk of breakage
during updates.
More information about the CentOS-docs
mailing list