21 minutes ago
Danny Angus
Labels
- nonsense (128)
- planetapache (46)
- internet (41)
- pictures (31)
- awards (28)
- james (25)
- java (24)
- apachecon (15)
- personality cult (15)
- mailet (14)
- glasgow (12)
- apache (11)
- blogger (11)
- mobile (9)
- demolition (7)
- milestones (7)
- election (6)
- spam (4)
- work (4)
- classcastexception (3)
- plumbing (3)
- seen-from-space (2)
- blogger planetapache (1)
- dba-for-dummies (1)
- drivebusiness (1)
- php (1)
- rwc (1)
- soa (1)
Thursday, June 12, 2008
Apache httpd & SELinux
I'll admit straight away here that SELinux was news to me 6mths ago when I installed Centos5 (RHEL5 equivalent) for the first time. Since then I've found out a little, mainly because I had to.
SELinux lurks like a rake in the grass and whangs you on the noggin just when you're 100% sure you know what you're doing.
For example SELinux was the culprit when a pretty simple perl DBI script wasn't allowed to connect to a remote database when run as a CGI script, but the same script worked fine as a shell script. And the error was no more than an unhelpful and inscruitable "Can't create TCP/IP socket (13)".
Its been a real pain, so here are two things you may wish to read...
When pain strikes reach for: How to Disable SELinux turning it off is a sure fire way to find out if it really is an SELinux problem.
Then when you want to turn it back on again read this: Apache and SELinux to find out how to configure it to allow httpd to do some things without opening the door to everything.
Further Reading
-
-
3 hours ago
-
1 day ago
-
5 days ago
-
1 week ago
-
2 weeks ago
-
1 month ago
-
1 month ago
-
2 months ago
-
8 months ago
-
1 year ago
-
1 year ago
-
2 years ago
Danny Angus Copyright © 2009
0 comments:
Post a Comment