User:Chris Tyler/Chris Tyler's Guide to Surviving OPS235 Assignment 2 with SELinux Enabled

From CDOT Wiki

< User:Chris Tyler

Jump to: navigation, search

OPS235 Assignment 2 can be tricky with SELinux enabled. Here are some tips to get you through...

Contents

1 SELinux Tips
- 1.1 MediaWiki and SELinux
- 1.2 diskfree.cgi Script
2 General Tips

SELinux Tips

MediaWiki and SELinux

Switch SELinux to permissive mode during MediaWiki configuration: setenforce 0
Once configured, copy the LocalSettings.php file from /var/www/wiki/config to /var/www/wiki as directed by the message on the screen.
Switch SELinux to enforcing mode after MediaWiki configuration: setenforce 1

diskfree.cgi Script

The permissions on the file /var/log/httpd/suexec.log and the directory /var/log/httpd may need to be adjusted:

touch /var/log/httpd/suexec.log
chown apache:apache /var/log/httpd/suexec.log
chmod 0755 /var/log/httpd
chmod 0660 /var/log/httpd/suexec.log

Use a SELinux file context of httpd_user_script_exec_t on your diskfree.cgi script
Permanently enable the SELinux boolean httpd_enable_homedirs using the setsebool command with appropriate options.

General Tips

If Apache is not doing what you expect, look in the log files in /var/log/httpd
Check your clock. If you clock is off, the error message times listed in /var/log/httpd may be wrong too.

Retrieved from "https://wiki.cdot.senecapolytechnic.ca/w/index.php?title=User:Chris_Tyler/Chris_Tyler%27s_Guide_to_Surviving_OPS235_Assignment_2_with_SELinux_Enabled&oldid=84447"