Running on CentOS 6.4, we've got one website fronting a subversion repo. There's a directory that contains configuration files - access files, etc. I've tried httpd_config_t, and selinux doesn't like apache trying to get there.
What is the correct fcontext that will make apache and selinux both happy? All I can find googling are the contexts for the executables and the repos.
mark
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 11/13/2013 11:58 AM, m.roth@5-cent.us wrote:
Running on CentOS 6.4, we've got one website fronting a subversion repo. There's a directory that contains configuration files - access files, etc. I've tried httpd_config_t, and selinux doesn't like apache trying to get there.
What is the correct fcontext that will make apache and selinux both happy? All I can find googling are the contexts for the executables and the repos.
mark
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
man httpd_selinux
Will show you read only content is httpd_sys_content_t.
r/w content httpd_sys_rw_content_t.
Daniel J Walsh wrote:
On 11/13/2013 11:58 AM, m.roth@5-cent.us wrote:
Running on CentOS 6.4, we've got one website fronting a subversion repo. There's a directory that contains configuration files - access files, etc. I've tried httpd_config_t, and selinux doesn't like apache trying
to get
there.
What is the correct fcontext that will make apache and selinux both happy? All I can find googling are the contexts for the executables and
the
repos.
man httpd_selinux
Will show you read only content is httpd_sys_content_t.
r/w content httpd_sys_rw_content_t.
Thanks, Dan. I think that's dealt with. Now if I can just get one user to stop writing to a logfile in his cgi-bin directory.... <g>
mark
selinux@lists.fedoraproject.org