[CentOS] SELinux permissions for apache
Tim Dunphy
bluethundr at gmail.com
Thu Jan 22 20:18:12 UTC 2015
>
> The easiest answer is to edit the Selinux config file. By default it is
> set to enforce, which really locks it down.
> cd /etc/selinux
> edit the config file and change SELUNIX=enforcing to SELUNIX=permissive
> Save the file and restart httpd, you should be fine..
Yeah dude, exactly. Except I actually do want to start using it. I've been
disabling SELINUX forever because I wasn't familiar with using it. I've
decided to change my tune on that this year and get more familiar with hit.
I've always recognized it to be a good thing. Even if I didn't really have
a clue about it.
Thanks for the suggestion anyway!
Tim
On Thu, Jan 22, 2015 at 2:47 PM, John Plemons <john at mavin.com> wrote:
> The easiest answer is to edit the Selinux config file. By default it is
> set to enforce, which really locks it down.
>
> cd /etc/selinux
>
> edit the config file and change SELUNIX=enforcing to SELUNIX=permissive
>
> Save the file and restart httpd, you should be fine..
>
> john plemons
>
>
>
>
> On 1/22/2015 1:36 PM, Tim Dunphy wrote:
>
>> Hey Jeremy,
>>
>>
>>
>> Have you tried changing the folder where it's writing into with these
>>> lables? httpd_sys_content_rw_t or httpd_user_content_rw_t
>>>
>>
>> Adding 'rw' to the command did the trick. I tried httpd_sys_content_rw_t
>> and
>> that works fine! Thanks for the tip!
>>
>> Tim
>>
>> On Thu, Jan 22, 2015 at 1:19 PM, Jeremy Hoel <jthoel at gmail.com> wrote:
>>
>> Have you tried changing the folder where it's writing into with these
>>> lables? httpd_sys_content_rw_t or httpd_user_content_rw_t
>>>
>>> On Thu, Jan 22, 2015 at 11:09 AM, Tim Dunphy <bluethundr at gmail.com>
>>> wrote:
>>>
>>> Hey all,
>>>>
>>>> I have a simple php app working that writes some info to a text file.
>>>>
>>> The
>>>
>>>> app will only work correctly if SELinux is disabled. If it's enabled and
>>>> try to use the app, it fails. It seems that SELinux is denying the app
>>>> ability to write to the text file.
>>>>
>>>> So I tried running the following command:
>>>>
>>>> chcon -R -t httpd_sys_content_t /var/www
>>>>
>>>> And tried veriying the command with the following:
>>>>
>>>> ls -RZ /var/www
>>>>
>>>> And everything seems to be in order. For example I see:
>>>>
>>>> -rw-r--r--. apache apache system_u:object_r:httpd_sys_content_t:s0
>>>> vieworders.php
>>>>
>>>> But the app stil won't function correctly unless SELinux is set to off.
>>>> What can I do to get it work with it enabled?
>>>>
>>>> Thanks
>>>> Tim
>>>> --
>>>> GPG me!!
>>>>
>>>> gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
>>>> _______________________________________________
>>>> CentOS mailing list
>>>> CentOS at centos.org
>>>> http://lists.centos.org/mailman/listinfo/centos
>>>>
>>>> _______________________________________________
>>> CentOS mailing list
>>> CentOS at centos.org
>>> http://lists.centos.org/mailman/listinfo/centos
>>>
>>>
>>
>>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
--
GPG me!!
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
More information about the CentOS
mailing list