[CentOS] SELinux permissions for apache
Tim Dunphy
bluethundr at gmail.comThu Jan 22 20:18:12 UTC 2015
- Previous message: [CentOS] SELinux permissions for apache
- Next message: [CentOS] SELinux permissions for apache
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> > The easiest answer is to edit the Selinux config file. By default it is > set to enforce, which really locks it down. > cd /etc/selinux > edit the config file and change SELUNIX=enforcing to SELUNIX=permissive > Save the file and restart httpd, you should be fine.. Yeah dude, exactly. Except I actually do want to start using it. I've been disabling SELINUX forever because I wasn't familiar with using it. I've decided to change my tune on that this year and get more familiar with hit. I've always recognized it to be a good thing. Even if I didn't really have a clue about it. Thanks for the suggestion anyway! Tim On Thu, Jan 22, 2015 at 2:47 PM, John Plemons <john at mavin.com> wrote: > The easiest answer is to edit the Selinux config file. By default it is > set to enforce, which really locks it down. > > cd /etc/selinux > > edit the config file and change SELUNIX=enforcing to SELUNIX=permissive > > Save the file and restart httpd, you should be fine.. > > john plemons > > > > > On 1/22/2015 1:36 PM, Tim Dunphy wrote: > >> Hey Jeremy, >> >> >> >> Have you tried changing the folder where it's writing into with these >>> lables? httpd_sys_content_rw_t or httpd_user_content_rw_t >>> >> >> Adding 'rw' to the command did the trick. I tried httpd_sys_content_rw_t >> and >> that works fine! Thanks for the tip! >> >> Tim >> >> On Thu, Jan 22, 2015 at 1:19 PM, Jeremy Hoel <jthoel at gmail.com> wrote: >> >> Have you tried changing the folder where it's writing into with these >>> lables? httpd_sys_content_rw_t or httpd_user_content_rw_t >>> >>> On Thu, Jan 22, 2015 at 11:09 AM, Tim Dunphy <bluethundr at gmail.com> >>> wrote: >>> >>> Hey all, >>>> >>>> I have a simple php app working that writes some info to a text file. >>>> >>> The >>> >>>> app will only work correctly if SELinux is disabled. If it's enabled and >>>> try to use the app, it fails. It seems that SELinux is denying the app >>>> ability to write to the text file. >>>> >>>> So I tried running the following command: >>>> >>>> chcon -R -t httpd_sys_content_t /var/www >>>> >>>> And tried veriying the command with the following: >>>> >>>> ls -RZ /var/www >>>> >>>> And everything seems to be in order. For example I see: >>>> >>>> -rw-r--r--. apache apache system_u:object_r:httpd_sys_content_t:s0 >>>> vieworders.php >>>> >>>> But the app stil won't function correctly unless SELinux is set to off. >>>> What can I do to get it work with it enabled? >>>> >>>> Thanks >>>> Tim >>>> -- >>>> GPG me!! >>>> >>>> gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B >>>> _______________________________________________ >>>> CentOS mailing list >>>> CentOS at centos.org >>>> http://lists.centos.org/mailman/listinfo/centos >>>> >>>> _______________________________________________ >>> CentOS mailing list >>> CentOS at centos.org >>> http://lists.centos.org/mailman/listinfo/centos >>> >>> >> >> > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > -- GPG me!! gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
- Previous message: [CentOS] SELinux permissions for apache
- Next message: [CentOS] SELinux permissions for apache
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list