at first I'd like to mention that English is not my native language. Please bear with me if I make some little mistakes or struggle when trying to make my point. But now back to subject.
I've learned some basics about SELinux. I was told that the SELinux Boolean "httpd_enable_homedirs" would prevent access to Apache Userdirs even if the Apache is configured to run the Userdir-Module. So I setup an Apache with an enabled Userdir-Module, SELinux in Enforcing mode and the boolean httpd_enable_homedirs set to off. But whether the boolean is set on or off the access to the userdir is allowed. Could someone tell me what I did wrong or rather did not understand?
Here are my configuration:
Code: Select all
[root@centos ~]# cat /etc/centos-release
CentOS Linux release 7.2.1511 (Core)
[root@centos ~]# getenforce
Enforcing
[root@centos ~]# getsebool httpd_enable_homedirs
httpd_enable_homedirs --> off
[root@centos ~]# grep -v '#' /etc/httpd/conf.d/userdir.conf
<IfModule mod_userdir.c>
UserDir enabled
UserDir public_html
</IfModule>
<Directory "/home/*/public_html">
AllowOverride FileInfo AuthConfig Limit Indexes
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
Require method GET POST OPTIONS
</Directory>
[root@centos ~]# curl http://localhost/~tronde/index.html
<h1>Hello User</h1>
[root@centos ~]#
Best regards,
Tronde