[CentOS] Apache and '(13)Permission denied: access to ...'

Wed Apr 19 14:20:13 UTC 2006
Jim Perrin <jperrin at gmail.com>

On 4/19/06, Frank M. Ramaekers <FRamaekers at ailife.com> wrote:

> 1)                   /hobbit is located in /home/hobbit/server/www

Does apache have access to this location through normal permissions?
Is your alias for /hobbit set up correctly?

> 3)                   I've even chcon the files to httpd_sys_content_t

This has to be done on more than just the files. It has to follow the
whole path. Under default selinux rules, apache cannot access / so it
can't get to /home to even begin looking.

> Does CentOs 4.3 have SELinux enabled as shipped?  (I'm not producing any files in /var/log/audit)  (How do you tell if it's active?)

Yes, selinux is enabled by default on RHEL4 and CentOS4, unless you
disable it during install. To tell if it's active use the command
'getsebool'. It'll tell you if it's enabled and what type of policy
it's using (enforcing or permissive).  Messages only log to
/var/log/audit if auditd is running, otherwise it logs in
/var/log/messages. Check there for AVC messages.

> This message contains information which is privileged and confidential and is solely for the use of the intended recipient.  If you are not the intended recipient, be aware that any review, disclosure, copying, distribution, or use of the contents of this message is strictly prohibited. If you have received this in error, please destroy it immediately and notify us at PrivacyAct at ailife.com."

Privileged you say? On a mailing list huh... I think not. These things
are cute, but have no actual value. </mini-rant>

Any sufficiently advanced technology is indistinguishable from magic.
-Arthur C. Clarke