H
Herby
Guest
After migrating from 7.5.4 to 8.1 the domain path changed. So all php scripts (ie Mambo, Joomla, phpBB, osCommerce...) broke due to the abolute path given in their config files.
So I tried to symlink the dir with
ln -s /var/www/ /home/httpd
but then selinux generated a deny rule:
audit(1170486615.510:46): avc: denied { read } for pid=14851 comm="httpd" name="vhosts" dev=hdg1 ino=8011781 scontext=user_u:system_r:httpd_t tcontext=rootbject_r:user_home_t tclass=lnk_file
So again I generated a selinux rule with
tail -n 5 /var/log/messages | /usr/bin/audit2allow
allow httpd_t home_root_t:lnk_file getattr;
which I wrote in
/etc/selinux/targeted/src/policy/domains/program/apache.te
and loaded the config again with
make -C /etc/selinux/targeted/src/policy reload
But still the deny rule occurs in syslog.
What did I miss?
So I tried to symlink the dir with
ln -s /var/www/ /home/httpd
but then selinux generated a deny rule:
audit(1170486615.510:46): avc: denied { read } for pid=14851 comm="httpd" name="vhosts" dev=hdg1 ino=8011781 scontext=user_u:system_r:httpd_t tcontext=rootbject_r:user_home_t tclass=lnk_file
So again I generated a selinux rule with
tail -n 5 /var/log/messages | /usr/bin/audit2allow
allow httpd_t home_root_t:lnk_file getattr;
which I wrote in
/etc/selinux/targeted/src/policy/domains/program/apache.te
and loaded the config again with
make -C /etc/selinux/targeted/src/policy reload
But still the deny rule occurs in syslog.
What did I miss?