[CentOS] Solved - Re: C7 apache file access
Robert Moskowitz
rgm at htt-consult.com
Wed Dec 23 21:41:52 UTC 2015
On 12/23/2015 04:36 PM, Александр Кириллов wrote:
> Robert Moskowitz писал 2015-12-23 23:56:
>> On 12/23/2015 03:26 PM, John R Pierce wrote:
>>> On 12/23/2015 12:05 PM, Robert Moskowitz wrote:
>>>>> If SELinux is working, then do
>>>>>
>>>>> setsebool -P httpd_enable_homedirs on
>>>>
>>>> Did not help.
>>>>
>>>> in messages I see:
>>>>
>>>> Dec 23 14:54:04 medon dbus-daemon: dbus[444]: avc: received
>>>> policyload notice (seqno=3)
>>>> Dec 23 14:54:04 medon dbus[444]: avc: received policyload notice
>>>> (seqno=3)
>>>> Dec 23 14:54:04 medon dbus-daemon: dbus[444]: [system] Reloaded
>>>> configuration
>>>> Dec 23 14:54:04 medon dbus[444]: [system] Reloaded configuration
>>>> Dec 23 14:54:11 medon setsebool: The httpd_enable_homedirs policy
>>>> boolean was changed to on by root
>>>>
>>>> BUt still get the access error:
>>>>
>>>> [Wed Dec 23 14:55:26.579402 2015] [negotiation:error] [pid 3212]
>>>> (13)Permission denied: [client 192.168.160.20:38836] AH00686:
>>>> cannot read directory for multi: /home/rgm/public_html/biby/
>>>>
>>>> i should say that this system is build with the Centos7-arm build
>>>> that we are testing out. So this could be a problem with the
>>>> selinux build for armv7. But I thought this was a general
>>>> C7/apache issue...
>>>
>>> did you verify it /is/ selinux by running with `setenforce
>>> permissive` ?
>>
>> Thank you for that reminder. I did that and the directory was
>> displayed.
>>
>> switch back to enforcing and get the permissions error.
>>
>> So what do I try next. My current server is also an ARMv7 that is
>> running the Centos6 port of Redsleeve6. This port does not support
>> selinux which is one of the many reasons I want to move all my ARMv7
>> servers over to C7-arm as soon as I can. Thus I suspect I am going to
>> be learning (relearning in some cases) a lot about selinux...
>
> Have you tried restorecon -Rv /home ?
>
>
No, as I did not know this command existed and what it might be used for.
I can now access the files. Thanks
More information about the CentOS
mailing list