Help with SELinux public_html (access denied)

Support for security such as Firewalls and securing linux
grifs71
Posts: 157
Joined: 2007/10/02 05:15:38
Location: Arkansas, United States

Help with SELinux public_html (access denied)

Postby grifs71 » 2008/11/13 17:33:46

I have tried relabeling the file context with the file context of a file that works, however I still receive the following error:

Nov 13 11:16:02 blade3 kernel: audit(1226596562.377:704): avc: denied { getattr } for pid=29913 comm="httpd" name="public_html" dev=dm-0 ino=1328790 scontext=root:system_r:httpd_t tcontext=root:object_r:user_home_t tclass=dir


It is on public_html

Contexts that works root:object_r:httpd_sys_content_t

I have tried to do the following chcon -t httpd_sys_content_t public_html however I still get access denied?


drwxr-xr-x user user root:object_r:httpd_sys_content_t public_html

Has anyone had this issue before?

Any help would be greatly appreciated.

grifs71
Posts: 157
Joined: 2007/10/02 05:15:38
Location: Arkansas, United States

Re: Help with SELinux public_html (access denied) SOLVED

Postby grifs71 » 2008/11/13 21:54:43

Solution to problem

chcon --reference /var/www/html /home/user/html (ect) [source from where you want the context to match]

chcon -t httpd_sys_content_t to the /home/user/html [change the context on the files]

This resolves the issue.

If anyone needs any more information or explanation let me know...




:-)

tru_tru
Posts: 34
Joined: 2007/10/05 21:12:09
Location: France

Re: Help with SELinux public_html (access denied)

Postby tru_tru » 2008/11/17 09:47:22

chcon -R -t httpd_user_content_t public_html/ from http://docs.fedoraproject.org/selinux-f ... ublic_html