How gain access to DocumentRoot contents of Apache-httpd through a Web browser which is set to point to the Home folder of the User?

Daniel J Walsh dwalsh at
Mon Apr 18 19:14:48 UTC 2011

Hash: SHA1

On 04/16/2011 08:12 AM, Tim wrote:
> On Thu, 2011-04-14 at 11:12 +0100, Bryn M. Reeves wrote:
>> Heh, thought I might be out of date here.. I think that the correct
>> context for home directory web content is now httpd_user_content_t
>> (although I think httpd_sys_content_t still works - an SELinux expert
>> can probably explain exactly why that's wrong or a bad idea but it
>> certainly means there's no separation between user and system content
>> so the policy can't distinguish them ;).
> Not an expert opinion, but I can imagine that an auto re-label might
> change them to the expected contexts.  Though I can't imagine that
> causing any problems.

That is true, but only important if you are using confined users.  If
your users are logging in as unconfined_t then they can read and write
httpd_sys_content_t.  If you turn on confined users, then you would want
them labeled httpd_user_content_t.

If you run restorecon -R -v -F ~/public_content, it should change the
labels to the default.
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora -


More information about the users mailing list