at first I'd like to mention that English is not my native language. Please bear with me if I make some little mistakes or struggle when trying to make my point. But now back to subject.
I've learned some basics about SELinux. I was told that the SELinux Boolean "httpd_enable_homedirs" would prevent access to Apache Userdirs even if the Apache is configured to run the Userdir-Module. So I setup an Apache with an enabled Userdir-Module, SELinux in Enforcing mode and the boolean httpd_enable_homedirs set to off. But whether the boolean is set on or off the access to the userdir is allowed. Could someone tell me what I did wrong or rather did not understand?
Here are my configuration:
Code: Select all
[root@centos ~]# cat /etc/centos-release CentOS Linux release 7.2.1511 (Core) [root@centos ~]# getenforce Enforcing [root@centos ~]# getsebool httpd_enable_homedirs httpd_enable_homedirs --> off [root@centos ~]# grep -v '#' /etc/httpd/conf.d/userdir.conf <IfModule mod_userdir.c> UserDir enabled UserDir public_html </IfModule> <Directory "/home/*/public_html"> AllowOverride FileInfo AuthConfig Limit Indexes Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec Require method GET POST OPTIONS </Directory> [root@centos ~]# curl http://localhost/~tronde/index.html <h1>Hello User</h1> [root@centos ~]#