I'll admit straight away here that SELinux was news to me 6mths ago when I installed Centos5 (RHEL5 equivalent) for the first time. Since then I've found out a little, mainly because I had to.
SELinux lurks like a rake in the grass and whangs you on the noggin just when you're 100% sure you know what you're doing.
For example SELinux was the culprit when a pretty simple perl DBI script wasn't allowed to connect to a remote database when run as a CGI script, but the same script worked fine as a shell script. And the error was no more than an unhelpful and inscruitable "Can't create TCP/IP socket (13)".
Its been a real pain, so here are two things you may wish to read...
When pain strikes reach for: How to Disable SELinux turning it off is a sure fire way to find out if it really is an SELinux problem.
Then when you want to turn it back on again read this: Apache and SELinux to find out how to configure it to allow httpd to do some things without opening the door to everything.
Statement by The Apache Software Foundation Board of Directors
-
It is with a mix of sadness and appreciation that the ASF Board accepted
the resignations of Board Member Jim Jagielski, Chairman Phil Steitz, and
Executiv...
2 hours ago
Comments:
Thanks so much for this insight, I was having a major headache getting apache serving content from my NAS and a quick shut down of SELinux at least told me it wasn't my apache conf or my symlinks!
blog comments powered by Disqus