I've noticed that SELinux blocks httpd (standard CentOS httpd, simply installed from RPM) from writing to krb5.conf file. Question. Why on earth would httpd need write access to krb5.conf file?! Sure, it might need read access if it is configured to use Kerberos for authentication, but write!? I mean, web server that modifies one of the critical files (which is used for authentication/authorization)?