Support for security such as Firewalls and securing linux
Posts: 7
Joined: 2008/06/11 05:49:28
Location: Arkansas


Postby wesbarris » 2010/01/11 01:39:56

I am installing some web software that is trying to set the security context like this:

/usr/bin/chcon -R -t httpd_sys_content_rw_t /htdocs/gbrowse2/tmp

This command fails with this error:

wes@bioweb> /usr/bin/chcon -R -t httpd_sys_content_rw_t /htdocs/gbrowse2/tmp
/usr/bin/chcon: failed to change context of /htdocs/gbrowse2/tmp to user_u:object_r:httpd_sys_content_rw_t: Invalid argument

I've done some searching on the web and the security context appears to be valid. However,
it does not seem to work on our CentOS 4.8 web server. The httpd_selinux man page does
not mention this context. However, it does mention httpd_sys_content_t which is similar but
I need one that allows write access.

Posts: 17
Joined: 2010/01/27 04:25:53

Re: httpd_sys_content_rw_t

Postby wedgeshot » 2010/01/30 01:10:20

I have never seen httpd_sys_content_rw_t ( Maybe they are working on that for the future versions ). Actually, I gave up on selinux in RH 4.. all the good things came in RH 5 which IMO has much better troubleshooting and management tools.

What process is trying to write to your directory?? Is it the web server of another external program.

You should not need to specifically state rw. I've seen allow_httpd_anon_write context but that is on RH5.

Can you elaborate a little more and post entries from your audit log?