Subject: | |
From: | |
Reply To: | |
Date: | Wed, 11 Apr 2012 10:53:35 -0400 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Tam,
I followed your directions. I ran into an error when I executed the
semanage command:
semanage fcontext -a -t httpd_sys_content_t public_html
Here is my output error:
-bash: /usr/sbin/semanage: No such file or directory
I went ahead and followed the rest of your tutorial. It worked!!
Does this mean I will have to re-configure SELinux after every reboot?
On 4/11/12, Tam Nguyen <[log in to unmask]> wrote:
> Not knowing the configuration of your httpd.conf file and the configuration
> of the local users' home directory, there is no direct answer. Therefore,
> my approach to your question is to give you a very basic setup, which would
> allow users to access files in their home's directory. You can base off of
> this to make it works on your machine.
> Before you do anything, backup your httpd.conf file.
> Even better, do this on a test VM.
>
> In the file httpd.conf, change these 2 directives to look like this:
>
> #UserDir disabled
>
> UserDir *public_html*
>
> this enables local users to access html files inside the the *public_html *
> directory.
>
> Let's say we want UserX to have access to his/her home directory:
> mkdir /home/UserX*/public_html*
>
> Then create an html file in the *public_html *directory,
>
> Now comes the fun part, permission and SELinux :).
> Permission: Make sure UserX is the owner of the *public_html* directory
> and all files within it (hence, recursively).
> chown userx:userx *public_html*
>
> Directory and files need read and execute permission
> chmod 755
>
> Selinux: public_html and all files within must have one of these context
> types:
> httpd_sys_content_t
> or
> public_content_rw_t
>
> sample command:
> chcon -R -t httpd_sys_content_t *public_html
>
> *then make sure SELinux setting survives reboot, run command:
> semanage fcontext -a -t httpd_sys_content_t *public_html*
>
> verify the directory and do the same to all files inside *public_html*:
> ll -Z
>
> Finally, enable SELinux boolean:
> setsebool -P httpd_enable_homedirs on
>
> Restart Apache without interrupting the users:
> apachectl graceful
>
> Now access UserX' home directory:
> http://servername_or_ip_address/~userx/
>
> This is just a basic configuration to give you a general idea. You will
> have to customize the settings and permissions according to your server's
> needs.
>
> good luck
> -Tam
>
>
> On Mon, Apr 9, 2012 at 8:33 PM, Terry Northren <[log in to unmask]> wrote:
>
>> Hi again,
>> on Apache server, how do I allow users to access files in their home
>> folders?
>>
>>
>>
>
|
|
|