search for: httpd_sys_rw_content_t

Displaying 14 results from an estimated 14 matches for "httpd_sys_rw_content_t".

2016 Oct 17
3
SELinux context not applied
Hi, I tried to apply a security context on a directory with the following commands: [root@ local]# semanage fcontext -a -t httpd_sys_rw_content_t "netdot(/.*)?" [root@ local]# restorecon -R netdot/ When I list the contexts, it is part of the list.... [root@ local]# semanage fcontext -l | grep netdot ./netdot(/.*)? all files system_u:object_r:httpd_sys_rw_content_t:s0 ... but does not appear o...
2017 May 01
2
selinux problem policies
Hello, On Sonntag, 30. April 2017 18:40:23 CEST Gordon Messmer wrote: > On 04/30/2017 07:03 AM, G?nther J. Niederwimmer wrote: > > I write this! > > > > semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html(/.*)?/ > > typo3conf(/.*)?" > > OK. Did you get an error? I have only Errors ;-). when I like to set this Rule ? semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html(/.*)?/ typo3conf(/.*)?" This Errors are displayd ? neverallow check fail...
2017 Apr 30
3
selinux problem policies
Hello, My problem is to add selinux policies can any help to say what is wrong with my policies I write this! semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html(/.*)?/ typo3conf(/.*)?" I have more instances from typo3 I found this construct in the selinux policies "/var/www/html(/.*)?/uploads(/.*)?" but my is not working ? and I have only errors? neverallow check failed at /etc/selinux/targeted/tmp/modules/100/selinux...
2012 Jun 15
1
Puppet + Passenger SELinux issues
...fig_t, httpd_dirsrvadmin_rw_content_t, httpd_prewikka_rw_content_t, httpd_w3c_validator_rw_content_t, httpd_awstats_rw_content_t, httpd_user_rw_content_t, httpdcontent, httpd_cobbler_rw_content_t, httpd_munin_rw_content_t, httpd_bugzilla_rw_content_t, httpd_cvs_rw_content_t, httpd_git_rw_content_t, httpd_sys_rw_content_t, httpd_sys_rw_content_t, httpd_nagios_rw_content_t, httpd_nutups_cgi_rw_content_t, httpd_mediawiki_rw_content_t, httpd_apcupsd_cgi_rw_content_t, httpd_squid_rw_content_t, httpd_smokeping_cgi_rw_content_t allow httpd_t puppet_var_lib_t:dir { read write create add_name }; allow httpd_t puppet_var_li...
2017 Nov 21
1
File access in Apache 2.4 (clarification)
At 09:24 AM 11/21/2017, Jonathan Billings wrote: >On Nov 21, 2017, at 11:42, david <david at daku.org> wrote: > > > > Folks > > > > I'm having file-access problems in Apache 2.4 > under Centos 7. In particular: > > > > - I have a file that's readable to every user > and every application, (writeable by only one > user), but my CGI
2020 Jul 26
1
tmpfs / selinux issue
...ot;allow init_t httpd_var_run_t:filesystem remount;" but is this >> not a bit of overkill? >> >> Any hints about what the cause is? >> >> I'd really appreciate any ideas on this. >> > > > Hi Leon, > > have you tried mounting with 'httpd_sys_rw_content_t' instead of 'httpd_var_run_t' ? > The latter is the standard selinux context. So I prefer to go with it. umount /var/lib/php/session restorecon -v -R /var/lib/php/ # LANG=C ls -laZ /var/lib/php/session total 8 drwxrwx---. 2 root apache system_u:object_r:httpd_var_run_t:s0 40...
2020 Jul 25
3
tmpfs / selinux issue
Hi all, I have some AVC in the logs and wonder how to resolve this: Under EL8 (enforcing SElinux) I have /var/lib/php/session mounted as tmpfs. # tail -1 /etc/fstab tmpfs /var/lib/php/session tmpfs defaults,noatime,mode=770,gid=apache,size=16777216,context="system_u:object_r:httpd_var_run_t:s0" 0 0 # df -a |grep php tmpfs 16384 0 16384 0%
2016 Oct 17
0
SELinux context not applied
Hello Bernard, On Mon, 2016-10-17 at 09:10 -0400, Bernard Fay wrote: > I tried to apply a security context on a directory with the following > commands: > > [root@ local]# semanage fcontext -a -t httpd_sys_rw_content_t "netdot(/.*)?" > [root@ local]# restorecon -R netdot/ Try using absolute paths in your commands and see if that fixes your issue. Regards, Leonard. -- mount -t life -o ro /dev/dna /genetic/research
2017 Apr 30
0
selinux problem policies
On 04/30/2017 07:03 AM, G?nther J. Niederwimmer wrote: > I write this! > > semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html(/.*)?/ > typo3conf(/.*)?" OK. Did you get an error? > I have more instances from typo3 > I found this construct in the selinux policies > "/var/www/html(/.*)?/uploads(/.*)?" > > but my is not working ? Can you be specific about what "not...
2017 May 01
0
selinux problem policies
On 04/30/2017 07:24 PM, G?nther J. Niederwimmer wrote: > when I like to set this Rule ? > semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html(/.*)?/ > typo3conf(/.*)?" > > This Errors are displayd ? > neverallow check failed at /etc/selinux/targeted/tmp/modules/100/selinuxutil/ > cil:244 I see, now. What happens if you run "find /etc/selinux/targeted/tmp"? I'm not sure if you'...
2020 Jul 26
0
tmpfs / selinux issue
Hi Leon, have you tried mounting with 'httpd_sys_rw_content_t' instead of 'httpd_var_run_t' ? Best Regards, Strahil Nikolov ?? 25 ??? 2020 ?. 14:20:19 GMT+03:00, Leon Fauster via CentOS <centos at centos.org> ??????: >Hi all, > >I have some AVC in the logs and wonder how to resolve this: Under >EL8 (enforcing SElinux) I have...
2014 Jun 27
1
SELinux context for web application directories
CentOS-6.5 We deploy web applications written with the Ruby on Rails framework using Capistrano (2.x). Each 'family' of web applications are 'owned' by a dedicated user id. The present httpd service is Apache 2.2.15 and we use Passenger 3.0.11. We are moving shortly to a new deployment host and at that time we will be updating to Apache 2.4.9 and Passenger 4..0.25. Our
2017 Dec 03
0
Apache and web content permissions
...erited by new files. Also, don't forget that /var/www by default has the SELinux context httpd_sys_content_t, which will not allow writes regardless of octal permissions or ACLs. Wrap up by changing the context of directories you've determined should be writeable: semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/mysite/wp-content/uploads(/.*)?" restorecon -R /var/www/mysite/ TL;DR my process is: - Make a list of real humans that need to work on the site - Assume the web server user should have at least read access on all files in the site documentroot, or we'd put them somewhere el...
2017 Dec 02
7
Apache and web content permissions
Hi, Until a few months ago, when I had to setup a web server under CentOS, I assigned (I'm not sure about the correct english verb for "chown"ing) all the web pages to the apache user and group. To give you an example, let's say I have a static website under /var/www/myserver on a CentOS server running Apache. Then I would configure permissions for the web content like this: #