Choosing A Webhost:
A web hosting service is a type of Internet hosting service that allows individuals and organizations to provide their own website accessible via the World Wide Web. Web hosts are companies that provide space on a server they own for use by their clients as well as providing Internet connectivity, typically in a data center. Web hosts can also provide data center space and connectivity to the Internet for servers they do not own to be located in their data center, called colocation. more...
|
Re: users public_html access: msg#00166
|
Subject: |
Re: users public_html access |
Sorry. I'm new to Fedora and SE Linux. Forgot to look in
/var/log/audit/audit.log. There are many avc messages in
/var/log/audit/audit.log, but the ones that I think are relevant to
this are repeats of:
type=AVC msg=audit(1122050110.135:15537760): avc: denied
{ getattr } for pid=
3517 comm="httpd" name="<user name edited for security>"
dev=hdc1 ino=10780673 scontext=root:system_r:httpd
_t tcontext=root:object_r:file_t tclass=dir
The user's home directory does not have the same security permissions
as the user's public_html directory since the How To did not specify
that it needed to be any more than have the permissions of 711.
Regards,
John
Daniel J Walsh wrote:
John
Griffiths wrote:
None when I try to access the user's
public_html. There are some from when I turned enforcing off and back
on.
Jul 22 12:35:07 gei dbus: avc: received setenforce notice
(enforcing=0)
Jul 22 12:35:07 gei dbus: avc: received setenforce notice
(enforcing=0)
Jul 22 12:36:01 gei dbus: avc: received setenforce notice
(enforcing=1)
Jul 22 12:36:01 gei dbus: avc: received setenforce notice
(enforcing=1)
That was when I was confirming that I could see the user's public_html.
You looked in both /var/log/audit/audit.log and /var/log/messages?
John
Daniel J Walsh wrote:
John Griffiths wrote:
I cannot get users public_html content to
publish in FC4. I keep getting "You don't have permission to access
/~<user>/ on this server." I can access the user's public_html
when I change SELinux to Permissive.
I searched the archives and did not find anything, and I followed the
direction in section 4 of "Understanding and Customizing the Apache
HTTP SELinux Policy" which was written for FC3.
The httpd booleans are:
httpd_builtin_scripting active
httpd_can_network_connect active
httpd_disable_trans inactive
httpd_enable_cgi active
httpd_enable_homedirs active
httpd_ssi_exec active
httpd_suexec_disable_trans inactive
httpd_tty_comm inactive
httpd_unified active
The security setting on the user's public_html and the files in the
directory is user_u:object_r:httpd_sys_content_t . Obviously the
standard UGW permissions are OK since turning off SELinux allows the
content to be accessed.
What am I missing, or is this a bug?
Thanks,
John Griffiths
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-selinux-list
Any avc messages?
|
|
| |
