Running httpd as a user
Steve Searle
steve at stevesearle.co.uk
Sat Jul 2 09:20:44 UTC 2011
Around 07:49am on Saturday, July 02, 2011 (UK time), Jonathan Gardner scrawled:
> I build websites for a living. I'd like to get /usr/sbin/httpd running
> as a regular user. I've setup a directory with a simple httpd.conf on
> my F15 install. When it starts up, I get a single message in the error
> log:
>
> [Fri Jul 01 23:36:53 2011] [notice] SELinux policy enabled; httpd
> running as context
> unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
>
> I've poked at Google for a while but I don't see a way to tune SELinux
> to allow myself to run httpd. Any pointers? Turning SELinux off is an
> option, but I'd rather learn more about how SELinux really works so
> that I can take advantage of its benefits.
Try running the following:
# sealert -a /var/log/audit/audit.log
Look through the output for a section refering to the relevant errors -
you may want to pipe the output through less or sent it to a file that
you can browse.
In the relevant section there may be an "Allowing Access:" sub-section
which will give you the relevant commands.
I am no SELinux expert, but like you wanted to make it work for me, and
have found this method has solved the issues I have had (so far).
Hope it helps.
Steve
--
Website: www.stevesearle.com
Twitter: @ReddishShift
Facebook: www.facebook.com/steve.searle
10:16:46 up 17 days, 20:06, 1 user, load average: 0.06, 0.03, 0.00
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20110702/50ae3fe9/attachment.bin
More information about the users
mailing list