[CentOS] Apache, SELinux, and document root on a different partition

Mon Dec 1 14:39:32 UTC 2008
Kenneth Porter <shiva at sewingwitch.com>

Here's what I'm seeing logged. (Newlines added to make it easier to see the 
log line boundaries with wrapping.) It looks like it's failing to traverse 
the root directory to get to the directory with the content in it, but why 
doesn't it fail on /var/www/html or home directory content, which must also 
do that?

type=AVC msg=audit(1228142052.656:3183659): avc:  denied  { search } for 
pid=29382 comm="httpd" name="/" dev=cciss/c0d2p1 ino=2 
scontext=user_u:system_r:httpd_t:s0 tcontext=system_u:object_r:file_t:s0 
tclass=dir

type=SYSCALL msg=audit(1228142052.656:3183659): arch=40000003 syscall=195 
success=no exit=-13 a0=d75a6f0 a1=bfa4aadc a2=5ccff4 a3=8170 items=0 
ppid=24589 pid=29382 auid=555 uid=48 gid=48 euid=48 suid=48 fsuid=48 
egid=48 sgid=48 fsgid=48 tty=(none) comm="httpd" exe="/usr/sbin/httpd" 
subj=user_u:system_r:httpd_t:s0 key=(null)

type=AVC msg=audit(1228142052.657:3183660): avc:  denied  { getattr } for 
pid=29382 comm="httpd" name="/" dev=cciss/c0d2p1 ino=2 
scontext=user_u:system_r:httpd_t:s0 tcontext=system_u:object_r:file_t:s0 
tclass=dir

type=SYSCALL msg=audit(1228142052.657:3183660): arch=40000003 syscall=196 
success=no exit=-13 a0=d75a768 a1=bfa4aadc a2=5ccff4 a3=2008171 items=0 
ppid=24589 pid=29382 auid=555 uid=48 gid=48 euid=48 suid=48 fsuid=48 
egid=48 sgid=48 fsgid=48 tty=(none) comm="httpd" exe="/usr/sbin/httpd" 
subj=user_u:system_r:httpd_t:s0 key=(null)

type=AVC_PATH msg=audit(1228142052.657:3183660):  path="/mnt/bigdisk2"
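
Added example, not part of the original post: a small Python parser that groups the audit records quoted above by event serial number and reports each AVC denial together with the AVC_PATH and SYSCALL records from the same event. The function names are illustrative, and the sample lines are the post's own records re-joined onto single lines.

```python
import re

# Records copied from the post, wrapped lines re-joined (not constructed data).
SAMPLE = """\
type=AVC msg=audit(1228142052.656:3183659): avc:  denied  { search } for pid=29382 comm="httpd" name="/" dev=cciss/c0d2p1 ino=2 scontext=user_u:system_r:httpd_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=dir
type=SYSCALL msg=audit(1228142052.656:3183659): arch=40000003 syscall=195 success=no exit=-13 a0=d75a6f0 a1=bfa4aadc a2=5ccff4 a3=8170 items=0 ppid=24589 pid=29382 auid=555 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) comm="httpd" exe="/usr/sbin/httpd" subj=user_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1228142052.657:3183660): avc:  denied  { getattr } for pid=29382 comm="httpd" name="/" dev=cciss/c0d2p1 ino=2 scontext=user_u:system_r:httpd_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=dir
type=SYSCALL msg=audit(1228142052.657:3183660): arch=40000003 syscall=196 success=no exit=-13 a0=d75a768 a1=bfa4aadc a2=5ccff4 a3=2008171 items=0 ppid=24589 pid=29382 auid=555 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) comm="httpd" exe="/usr/sbin/httpd" subj=user_u:system_r:httpd_t:s0 key=(null)
type=AVC_PATH msg=audit(1228142052.657:3183660):  path="/mnt/bigdisk2"
"""

HEADER = re.compile(r'^type=(\S+) msg=audit\(\d+\.\d+:(\d+)\):\s*(.*)$')
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')
PERMS = re.compile(r'\{ ([^}]*) \}')

def parse_events(text):
    """Group records by serial number; records sharing a serial are one event."""
    events = {}
    for line in text.splitlines():
        m = HEADER.match(line.strip())
        if not m:
            continue
        rtype, serial, body = m.groups()
        fields = {k: v.strip('"') for k, v in FIELD.findall(body)}
        if rtype == "AVC":
            fields["perms"] = " ".join(PERMS.findall(body)).split()
            fields["denied"] = "denied" in body.split("{")[0]
        # Assumption: at most one record of each type per event, as in the sample.
        events.setdefault(int(serial), {})[rtype] = fields
    return events

def summarize(events):
    """One row per denial: permission, source/target type, object, path, exe."""
    rows = []
    for serial, recs in sorted(events.items()):
        avc = recs.get("AVC")
        if not avc or not avc["denied"]:
            continue
        rows.append({
            "serial": serial, "perms": avc["perms"],
            "source_type": avc["scontext"].split(":")[2],
            "target_type": avc["tcontext"].split(":")[2],
            "object": (avc["dev"], avc["ino"], avc["name"]),
            "path": recs.get("AVC_PATH", {}).get("path"),
            "exe": recs.get("SYSCALL", {}).get("exe"),
        })
    return rows

if __name__ == "__main__":
    print(*summarize(parse_events(SAMPLE)), sep="\n")
```

For event 3183660 the row pairs `name="/"`, `ino=2` on `dev=cciss/c0d2p1` with the path `/mnt/bigdisk2` and target type `file_t`; event 3183659 has no AVC_PATH record in the post, so its path is `None`.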