CentOS

I have a website where adding pictures works as :
- upload to special FTP
- from admin site I "Add pics to special% catalog"
(it moves pics from upload catalog , resize it and should upload it to specified folder in 3 subfolders with watermark added)
It looks like this :
/www/
/www/pics/
/www/pics/upload/
/www/pics/folder1/mini
/www/pics/folder1/normal
/www/pics/folder1/zoom
/www/pics/folder2/mini
etc.

I tryed :
semanage fcontext -a -t httpd_sys_rw_content_t "/path/to/www/pics(/.*)?"
restorecon -Rv /path/to/pics/

Unfortunally it does not work. Disable selinux makes it work.

Stick it in permissive mode, recreate the problem, use the audit logs to see what is being denied and why.

Useful resources for SELinux: http://wiki.centos.org/HowTos/SELinux | http://wiki.centos.org/TipsAndTricks/SelinuxBooleans | http://docs.fedoraproject.org/en-US/Fed ... ced_Linux/ | http://www.youtube.com/watch?v=bQqX3RWn0Yw | http://opensource.com/business/13/11/se ... licy-guide | http://freecomputerbooks.com/The-SELinu ... tions.html

Thanks for response : looks like its working anyway.
Not sure why only reason I see is turn off/on selinux but it shouldn't change anything ?

If you literally "turned it off" as in disabled it, then yes, it probably does make a difference. I suspect that when you re-enable it after being disabled then it will run a full filesystem relabel which would correct any mislabled files that were present. OTOH, if you meant "turned it off" as in setenforce 0 and going permissive, then no, it should make no difference.