/etc/default in Fedora
David Quigley
selinux at davequigley.com
Fri Mar 16 17:49:11 UTC 2012
On 03/16/2012 04:56, Matej Cepl wrote:
> On 15.3.2012 09:38, Tomasz Torcz wrote:
>>> Why and why just us?
>>
>> Good question, we deviate from upstream default:
>> http://wiki.apache.org/httpd/DistrosDefaultLayout
>
> Do we have somebody to make the stupid item 3 go away?
>
> # If you're having issues with authorization and your permissions are
> # correct make sure that you try testing with SELinux turned off. Run
> # 'setenforce 0' and use 'chcon' to fix permissions. Run 'ls -alZ' to
> # view the current permissions.' SELinux first appeared in Fedora
> Core
> # 3, RHEL 4, and CentOS 4.
>
> httpd in Fedora/RHEL/CentOS works with SELinux just fine. Anything
> else are bugs, which need to be filed.
>
> Matěj
Short of educating web server administrators about SELinux and the
correct labels for web resources I'm not sure what else can be done. You
don't want to use restorecond to make sure the directories are labeled
properly because you could potentially use an improperly configured file
upload capability to drop whatever pages you want onto the server and it
would fixup the labels. Unfortunately education is the best option but
not the easiest.
Dave
More information about the devel
mailing list