I have a website where adding pictures works as :
- upload to special FTP
- from admin site I "Add pics to special% catalog"
(it moves pics from upload catalog , resize it and should upload it to specified folder in 3 subfolders with watermark added)
It looks like this :
/www/
/www/pics/
/www/pics/upload/
/www/pics/folder1/mini
/www/pics/folder1/normal
/www/pics/folder1/zoom
/www/pics/folder2/mini
etc.
I tryed :
semanage fcontext -a -t httpd_sys_rw_content_t "/path/to/www/pics(/.*)?"
restorecon -Rv /path/to/pics/
Unfortunally it does not work. Disable selinux makes it work.
SElinux policy and write permissions in /www
Re: SElinux policy and write permissions in /www
Stick it in permissive mode, recreate the problem, use the audit logs to see what is being denied and why.
Useful resources for SELinux: http://wiki.centos.org/HowTos/SELinux | http://wiki.centos.org/TipsAndTricks/SelinuxBooleans | http://docs.fedoraproject.org/en-US/Fed ... ced_Linux/ | http://www.youtube.com/watch?v=bQqX3RWn0Yw | http://opensource.com/business/13/11/se ... licy-guide | http://freecomputerbooks.com/The-SELinu ... tions.html
Useful resources for SELinux: http://wiki.centos.org/HowTos/SELinux | http://wiki.centos.org/TipsAndTricks/SelinuxBooleans | http://docs.fedoraproject.org/en-US/Fed ... ced_Linux/ | http://www.youtube.com/watch?v=bQqX3RWn0Yw | http://opensource.com/business/13/11/se ... licy-guide | http://freecomputerbooks.com/The-SELinu ... tions.html
CentOS 6 died in November 2020 - migrate to a new version!
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke
Re: SElinux policy and write permissions in /www
Thanks for response : looks like its working anyway.
Not sure why only reason I see is turn off/on selinux but it shouldn't change anything ?
Not sure why only reason I see is turn off/on selinux but it shouldn't change anything ?
Re: SElinux policy and write permissions in /www
If you literally "turned it off" as in disabled it, then yes, it probably does make a difference. I suspect that when you re-enable it after being disabled then it will run a full filesystem relabel which would correct any mislabled files that were present. OTOH, if you meant "turned it off" as in setenforce 0 and going permissive, then no, it should make no difference.
CentOS 6 died in November 2020 - migrate to a new version!
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke