Apache httpd & SELinux

I'll admit straight away here that SELinux was news to me 6mths ago when I installed Centos5 (RHEL5 equivalent) for the first time. Since then I've found out a little, mainly because I had to.

SELinux lurks like a rake in the grass and whangs you on the noggin just when you're 100% sure you know what you're doing.

For example SELinux was the culprit when a pretty simple perl DBI script wasn't allowed to connect to a remote database when run as a CGI script, but the same script worked fine as a shell script. And the error was no more than an unhelpful and inscruitable "Can't create TCP/IP socket (13)".

Its been a real pain, so here are two things you may wish to read...

When pain strikes reach for: How to Disable SELinux turning it off is a sure fire way to find out if it really is an SELinux problem.

Then when you want to turn it back on again read this: Apache and SELinux to find out how to configure it to allow httpd to do some things without opening the door to everything.