I'll admit straight away here that SELinux was news to me 6mths ago when I installed Centos5 (RHEL5 equivalent) for the first time. Since then I've found out a little, mainly because I had to.
SELinux lurks like a rake in the grass and whangs you on the noggin just when you're 100% sure you know what you're doing.
For example SELinux was the culprit when a pretty simple perl DBI script wasn't allowed to connect to a remote database when run as a CGI script, but the same script worked fine as a shell script. And the error was no more than an unhelpful and inscruitable "Can't create TCP/IP socket (13)".
Its been a real pain, so here are two things you may wish to read...
When pain strikes reach for: How to Disable SELinux turning it off is a sure fire way to find out if it really is an SELinux problem.
Then when you want to turn it back on again read this: Apache and SELinux to find out how to configure it to allow httpd to do some things without opening the door to everything.
Strengthening the Infra team
-
Since before the start of COVID-19, the Infrastructure team had one open
staff position. We have been able to fill it this year with a strong
addition to...
3 days ago
Comments:
Thanks so much for this insight, I was having a major headache getting apache serving content from my NAS and a quick shut down of SELinux at least told me it wasn't my apache conf or my symlinks!
blog comments powered by Disqus