I'll admit straight away here that SELinux was news to me 6mths ago when I installed Centos5 (RHEL5 equivalent) for the first time. Since then I've found out a little, mainly because I had to.
SELinux lurks like a rake in the grass and whangs you on the noggin just when you're 100% sure you know what you're doing.
For example SELinux was the culprit when a pretty simple perl DBI script wasn't allowed to connect to a remote database when run as a CGI script, but the same script worked fine as a shell script. And the error was no more than an unhelpful and inscruitable "Can't create TCP/IP socket (13)".
Its been a real pain, so here are two things you may wish to read...
When pain strikes reach for: How to Disable SELinux turning it off is a sure fire way to find out if it really is an SELinux problem.
Then when you want to turn it back on again read this: Apache and SELinux to find out how to configure it to allow httpd to do some things without opening the door to everything.
Danny Angus
blog.killerbees.co.uk
Danny Angus
Independent IT Consultant
"start apache anyway. There's stuff, yeah, apparently"
Labels
Passim
Thursday, June 12, 2008
Apache httpd & SELinux
Followers
Further Reading
-
Keyhole, of sorts2 days ago
-
Phish or Fair?1 week ago
-
We’re all dead3 weeks ago
-
ApacheCon NA 2011 – Friday1 month ago
-
A bacon spin on sushi: ikura baciri3 months ago
-
Twitter4 months ago
-
Worship me, for I am a xoogler7 months ago
-
Westin Tower - Atlanta1 year ago
-
Baseline 1.52 years ago
-
Boat For Sale5 years ago
I know nothing, I'm not a fortune teller, and you'd be insane to think that I am. This disclaimer was cribbed from an email footer I once received. It is so ridiculous I had to have it for myself.
Statements in this blog that are not purely historical are forward-looking statements including, without limitation, statements regarding my expectations, objectives, anticipations, plans, hopes, beliefs, intentions or strategies regarding the future. Factors that could cause actual results to differ materially from the forward looking statements include risks and uncertainties such as any unforeseen event or any unforeseen system failures, and other risks. It is important to note that actual outcomes could differ materially from those in such forward-looking statements.
Danny Angus Copyright © 2006-2010 (OMG that's four years of this nonsense)
Comments:
Thanks so much for this insight, I was having a major headache getting apache serving content from my NAS and a quick shut down of SELinux at least told me it wasn't my apache conf or my symlinks!
Post a Comment
blog comments powered by Disqus