On Mon, 14 Nov 2005, Stephen Walton wrote:
I just got Big Brother working on Fedora Core 4 with SELinux enabled.
The key steps:
1. With SELinux turned on, apache adamantly refuses to follow symbolic
links, even if FollowSymLinks is set in httpd.conf. (Is this a bug?) The
only workaround I've been able to find is a bind mount:
Don't know but...
# mkdir /var/www/html/bb
# mount -o bind /home/bb/bb/www /var/www/html/bb
Why don't you simply put something like the following in
/etc/httpd/conf.d/bb.conf:
#
# Big Brother is a web based network monitoring program
#
Alias /bb /home/bb/bb/www
<Directory /home/bb/bb/www/>
order deny,allow
deny from all
allow from 127.0.0.1
allow from 192.168.0
</Directory>
Season to taste of course.
That way you do not have to mess with symlinks.
2. Change the context:
# chcon -R -h -t httpd_user_content_t /home/bb/bb/www
3. Change the two 'mv' commands in bb-display.sh to 'cp' commands so
that the contexts get preserved when the page is regenerated.
That sounds like the piece I was missing.
Thanks.
Of course in the above I'm assuming DocumentRoot in apache is set to
/var/www/html and that your Big Brother server files are in
/home/bb/bb. Change as appropriate for your setup.
That is a standard bb setup, so it should work for most.
Regards,
Tom Diehl tdiehl(a)rogueind.com Spamtrap address mtd123(a)rogueind.com