I'm going over some practice exams for RHCSA 6 (sitting it in 3 weeks). Most of it is a cakewalk, but SElinux is somewhat confusing. It's not something we use on a daily basis, and even with the system-config-selinux GUI I find it frustrating.
I was requested to change the Apache document root to /www/html. The suggested solution has a stage in which you change the file context to the same one as /var/www/html's.
I do this:
[root@server1 ~]# semanage fcontext -a -t httpd_sys_content_t "/www(/.*)?" No errors, but changes don't seem to take effect (even after reboot):
[root@server1 ~]# ls -Z /www drwxr-xr-x. root root unconfined_u:object_r:default_t:s0 cgi-bin drwxr-xr-x. root root unconfined_u:object_r:default_t:s0 error drwxr-xr-x. root root unconfined_u:object_r:default_t:s0 html drwxr-xr-x. root root unconfined_u:object_r:default_t:s0 icons drwxr-xr-x. root root unconfined_u:object_r:default_t:s0 manual drwxr-xr-x. webalizer root unconfined_u:object_r:default_t:s0 usage This is the file context I'm supposed to have:
[root@server1 ~]# ls -Z /var/www/html/ -rw-r--r--. root root unconfined_u:object_r:httpd_sys_content_t:s0 index.html What am I doing wrong? For the record, SElinux is enabled and enforcing right now:
[root@server1 ~]# sestatus SELinux status: enabled SELinuxfs mount: /selinux Current mode: enforcing Mode from config file: enforcing Policy version: 24 Policy from config file: targeted Any advice would be appreciated. Thanks in advance.
[link][8 comments]