[CentOS] Apache, SELinux, and document root on a different partition

Rick Barnes linux at sitevision.com
Mon Dec 1 10:26:00 UTC 2008

Kenneth Porter wrote:
> Here's what I'm seeing logged. (Newlines added to make it easier to see 
> the log line boundaries with wrapping.) It looks like it's failing to 
> traverse the root directory to get to the directory with the content in 
> it, but why doesn't it fail on /var/www/html or home directory content, 
> which must also do that?
> type=AVC msg=audit(1228142052.656:3183659): avc:  denied  { search } for 
> pid=29382 comm="httpd" name="/" dev=cciss/c0d2p1 ino=2 
> scontext=user_u:system_r:httpd_t:s0 tcontext=system_u:object_r:file_t:s0 
> tclass=dir

Try this:

# grep httpd /var/log/audit/audit.log | audit2why

The output should explain why you are getting the permission denials.


More information about the CentOS mailing list