Page 1 of 1

SElinux policy and write permissions in /www

Posted: 2020/05/29 11:42:22
by gokihar
I have a website where adding pictures works as :
- upload to special FTP
- from admin site I "Add pics to special% catalog"
(it moves pics from upload catalog , resize it and should upload it to specified folder in 3 subfolders with watermark added)
It looks like this :
/www/
/www/pics/
/www/pics/upload/
/www/pics/folder1/mini
/www/pics/folder1/normal
/www/pics/folder1/zoom
/www/pics/folder2/mini
etc.

I tryed :
semanage fcontext -a -t httpd_sys_rw_content_t "/path/to/www/pics(/.*)?"
restorecon -Rv /path/to/pics/

Unfortunally it does not work. Disable selinux makes it work.

Re: SElinux policy and write permissions in /www

Posted: 2020/05/29 12:03:03
by TrevorH

Re: SElinux policy and write permissions in /www

Posted: 2020/05/29 12:21:34
by gokihar
Thanks for response : looks like its working anyway.
Not sure why only reason I see is turn off/on selinux but it shouldn't change anything ?

Re: SElinux policy and write permissions in /www

Posted: 2020/05/29 15:28:00
by TrevorH
If you literally "turned it off" as in disabled it, then yes, it probably does make a difference. I suspect that when you re-enable it after being disabled then it will run a full filesystem relabel which would correct any mislabled files that were present. OTOH, if you meant "turned it off" as in setenforce 0 and going permissive, then no, it should make no difference.