Selinux enforced problem

General support questions
Post Reply
binateso
Posts: 1
Joined: 2021/02/18 08:10:29

Selinux enforced problem

Post by binateso » 2021/02/18 08:26:35

I can't view my website if I enable selinux enforced. If I disable it I can get to my site.
I did this command but nothing:
setsebool -P httpd_can_network_connect on

User avatar
TrevorH
Forum Moderator
Posts: 30314
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Selinux enforced problem

Post by TrevorH » 2021/02/18 13:31:41

Run aureport -a and look a the end of the output. Check the timestamps on the last few entries there and for each one that looks like it might be around the time you last tried to access your site, run ausearch -a nnnn where nnnn is the number from the right hand end of the line of aureport -a output that you are interested in. That will tell you what files it tried to access that caused the problem.

The most likely explanation is that you are not serving content from out of /var/www/html or some other directory known to selinux as being places that httpd can access. The easiest solution is to move your content from the non-standard location its in now to /var/www/html or one of its subdirectories.

The next most likely explanation is that you unzipped/untarred your content or copied it from some other user's home directory and then moved it to /var/www/html. If you do that then mv moves the old locations' selinux info over to the new location and it's incorrect. To fix that is best done by running restorecon -RFv /var/www/html or whatever dir you are using.
CentOS 6 died in November 2020 - migrate to a new version!
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke

Post Reply

Return to “CentOS 7 - General Support”