[CentOS] Apache and '(13)Permission denied: access to ...'

Thu Apr 20 16:29:41 UTC 2006
Frank M. Ramaekers <FRamaekers at ailife.com>

Thanks that helped (plus the disabling of it in /etc/sysconfig/selinux).


Oh BTW: 
Privileged you say? On a mailing list huh... I think not. These things
are cute, but have no actual value. </mini-rant>

Yeah, the company adds this...like it will do a lot of good!

Frank M. Ramaekers Jr.
Systems Programmer; MCP, MCP+I, MCSE & RHCE
American Income Life Insurance Company 
Phone: (254) 761-6649     Fax: (254) 741-5777


-----Original Message-----
From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
Behalf Of Jim Perrin
Sent: Wednesday, April 19, 2006 9:20 AM
To: CentOS mailing list
Subject: Re: [CentOS] Apache and '(13)Permission denied: access to ...'

On 4/19/06, Frank M. Ramaekers <FRamaekers at ailife.com> wrote:
>
>
>


> 1)                   /hobbit is located in /home/hobbit/server/www

Does apache have access to this location through normal permissions?
Is your alias for /hobbit set up correctly?

> 3)                   I've even chcon the files to httpd_sys_content_t

This has to be done on more than just the files. It has to follow the
whole path. Under default selinux rules, apache cannot access / so it
can't get to /home to even begin looking.

> Does CentOs 4.3 have SELinux enabled as shipped?  (I'm not producing
any files in /var/log/audit)  (How do you tell if it's active?)

Yes, selinux is enabled by default on RHEL4 and CentOS4, unless you
disable it during install. To tell if it's active use the command
'getsebool'. It'll tell you if it's enabled and what type of policy
it's using (enforcing or permissive).  Messages only log to
/var/log/audit if auditd is running, otherwise it logs in
/var/log/messages. Check there for AVC messages.

> This message contains information which is privileged and confidential
and is solely for the use of the intended recipient.  If you are not the
intended recipient, be aware that any review, disclosure, copying,
distribution, or use of the contents of this message is strictly
prohibited. If you have received this in error, please destroy it
immediately and notify us at PrivacyAct at ailife.com."

Privileged you say? On a mailing list huh... I think not. These things
are cute, but have no actual value. </mini-rant>


--
Any sufficiently advanced technology is indistinguishable from magic.
-Arthur C. Clarke
_______________________________________________
CentOS mailing list
CentOS at centos.org
http://lists.centos.org/mailman/listinfo/centos