Tam and Alan,
thanks for the package. That solved it.
Tam, what do I do with setools-console package?
Our Linux Admin was working on a test Apache server. Most of the
configuration was done by him, but he left the company. I am picking
up the left behind. Coming from the Windows side, I am new to many
aspects of Linux. Still learning my rope. The Scientific Linux
community has been extremely helpful and resourceful :D.
On 4/11/12, Tam Nguyen <[log in to unmask]> wrote:
> That error means you do not have the prerequisite package installs.
> Install the package:
>
> yum -y install policycoreutils-python
>
> Since we are on the SELinux topic, I would recommend you also install:
>
> yum -y install setools-console
>
> Btw, looking back at your first post about Apache authentication and access
> deny and allow, how did you manage to get your Apache to work in the first
> place, especially configuring SELinux settings?
>
>
> On Wed, Apr 11, 2012 at 10:53 AM, Terry Northren <[log in to unmask]>wrote:
>
>> Tam,
>> I followed your directions. I ran into an error when I executed the
>> semanage command:
>>
>> semanage fcontext -a -t httpd_sys_content_t public_html
>>
>> Here is my output error:
>> -bash: /usr/sbin/semanage: No such file or directory
>>
>> I went ahead and followed the rest of your tutorial. It worked!!
>> Does this mean I will have to re-configure SELinux after every reboot?
>>
>>
>> On 4/11/12, Tam Nguyen <[log in to unmask]> wrote:
>> > Not knowing the configuration of your httpd.conf file and the
>> configuration
>> > of the local users' home directory, there is no direct answer.
>> Therefore,
>> > my approach to your question is to give you a very basic setup, which
>> would
>> > allow users to access files in their home's directory. You can base off
>> of
>> > this to make it works on your machine.
>> > Before you do anything, backup your httpd.conf file.
>> > Even better, do this on a test VM.
>> >
>> > In the file httpd.conf, change these 2 directives to look like this:
>> >
>> > #UserDir disabled
>> >
>> > UserDir *public_html*
>> >
>> > this enables local users to access html files inside the the
>> *public_html *
>> > directory.
>> >
>> > Let's say we want UserX to have access to his/her home directory:
>> > mkdir /home/UserX*/public_html*
>> >
>> > Then create an html file in the *public_html *directory,
>> >
>> > Now comes the fun part, permission and SELinux :).
>> > Permission: Make sure UserX is the owner of the *public_html* directory
>> > and all files within it (hence, recursively).
>> > chown userx:userx *public_html*
>> >
>> > Directory and files need read and execute permission
>> > chmod 755
>> >
>> > Selinux: public_html and all files within must have one of these
>> > context
>> > types:
>> > httpd_sys_content_t
>> > or
>> > public_content_rw_t
>> >
>> > sample command:
>> > chcon -R -t httpd_sys_content_t *public_html
>> >
>> > *then make sure SELinux setting survives reboot, run command:
>> > semanage fcontext -a -t httpd_sys_content_t *public_html*
>> >
>> > verify the directory and do the same to all files inside *public_html*:
>> > ll -Z
>> >
>> > Finally, enable SELinux boolean:
>> > setsebool -P httpd_enable_homedirs on
>> >
>> > Restart Apache without interrupting the users:
>> > apachectl graceful
>> >
>> > Now access UserX' home directory:
>> > http://servername_or_ip_address/~userx/
>> >
>> > This is just a basic configuration to give you a general idea. You will
>> > have to customize the settings and permissions according to your
>> > server's
>> > needs.
>> >
>> > good luck
>> > -Tam
>> >
>> >
>> > On Mon, Apr 9, 2012 at 8:33 PM, Terry Northren <[log in to unmask]>
>> wrote:
>> >
>> >> Hi again,
>> >> on Apache server, how do I allow users to access files in their home
>> >> folders?
>> >>
>> >>
>> >>
>> >
>>
>
|