Robert J. Carr wrote:
Hopefully this is a quick question to those that know SELinux more
than I do, which wouldn't be very hard to accomplish.
I'm migrating a (working) environment from one server running Fedora 7
to another running Fedora 9. After pulling my hair out for most of
the day I've found out the problem is with SELinux because when I
turned it off temporarily everything worked fine.
Not to get into too much detail, but my problem came from apache not
being able to access a file (although the error isn't quite that
clear). Between the working environment and the non-working
environment I can only see a couple differences in the selinux config
files in /etc, but these have never been touched in either instance.
The context labels are a bit different too. The working environment
has these selinux context labels:
user_u:object_r:httpd_sys_content_t
But the non-working environment has these context labels:
unconfined_u:object_r:httpd_sys_content_t:s0
It seems to get an extra field and the user changes to unconfined. Is
this relevant?
There is nothing else that I can find different, is there anything
else that could be the problem?
Any advice would be greatly appreciated.
--
fedora-selinux-list mailing list
fedora-selinux-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list Also pipe them through
audit2why it might tell you you need to turn on a
boolean.
grep http /var/log/audit/audit.log | audit2allow -w