Not sure if this got through - nixspam was being aggravating, so I'm reposting. James B. Byrne wrote: > CentOS-6.5 > We deploy web applications written with the Ruby on Rails framework using Capistrano (2.x). Each 'family' of web applications are 'owned' by a dedicated user id. The present httpd service is Apache 2.2.15 and we use Passenger 3.0.11. We are moving shortly to a new deployment host and at that > time we will be updating to Apache 2.4.9 and Passenger 4..0.25. > Our deployment practice is to place the 'family' directory under /var/data/. > This is the home directory of the application user id. We place each individual web application or component into its own directory underneath the > family root. So that things look like this: passenger_exec_t, etc. <http://linuxmanpages.net/manpages/fedora17/man8/passenger_selinux.8.html> And if you google anything else, note: DO NOT USE CHCON; it does *NOT* remain following a reboot. Use semanage fcontext (and the manpage example is what I use all the time), followed by a restorecon -Rv mark