[CentOS] Nginx and SELinux on CentOS 7

Wed Jan 1 12:54:03 UTC 2020
Benson Muite <benson_muite at emailplus.org>

On 1/1/20 2:00 PM, Nicolas Kovacs wrote:
> Hi,
> I'm currently fiddling with Nginx on CentOS 7. Eventually I want to 
> use it instead of Apache on some servers.
> Apache works more or less out of the box with SELinux. My websites are 
> all stored under /var/www, and ls -Z shows me that all files created 
> under /var/www are correctly labeled httpd_sys_content_t.
> On my sandbox server I don't have Apache (httpd) installed, only Nginx 
> (the nginx package from EPEL).
> I manually created the /var/www directory and put a handful of static 
> websites in there to play around with. Curiously enough, I got a 
> SELinux alert.
> I took a peek in /var/www, and here's what the SELinux context looks 
> like:
>   unconfined_u:object_r:var_t:s0
> Now I'm a bit puzzled. Is the correct httpd_sys_content_t context only 
> applied if the httpd package is installed? How else can I explain this 
> strange behavior?
> Any suggestions?

Have used Nginx on Fedora with SELinux. Perhaps first try putting your 
sites in the default document root, /usr/share/nginx/html

> Niki