LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 11-02-2006, 03:02 AM   #1
JungleNut
LQ Newbie
 
Registered: Dec 2005
Location: Australia
Distribution: Fedora Core 8
Posts: 17

Rep: Reputation: 0
Issues with selinux?


I installed FC6 three days ago as a clean install, and transferred all my data from the old FC4 that I had been running. Everything was going fine until today I messed with the selinux settings and now I get 403 errors everytime I try to open pages in either /var/www/html or in ~/public_html

I have had issues with selinux before and got around it simply by disabling it, but nothing I do today makes any difference. I have tried it with the firewall on and off, with selinux on and off, and with permissive and enforcing policies.

This is the current version of /etc/selinux/config and I am still getting the 403s:
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted

# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0
I have reset the file permissions and ownerships, httpd.conf is ok and I have rebooted several times just for good measure

What else could be causing this?
 
Old 11-02-2006, 05:19 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,017
Blog Entries: 54

Rep: Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764
Everything was going fine until today I messed with the selinux settings
So, what did you change then?
 
Old 11-02-2006, 09:11 PM   #3
JungleNut
LQ Newbie
 
Registered: Dec 2005
Location: Australia
Distribution: Fedora Core 8
Posts: 17

Original Poster
Rep: Reputation: 0
I got it working, and it was a permissions issue, although I dont know why it is behaving this way.

The httpd.conf file states:
Quote:
# The path to the end user account 'public_html' directory must be
# accessible to the webserver userid. This usually means that ~userid
# must have permissions of 711, ~userid/public_html must have permissions
# of 755, and documents contained therein must be world-readable.
# Otherwise, the client will only receive a "403 Forbidden" message.
That was exactly what I had. Today I changed my home directory to 755 and voila, its working

And another thing - using konquerer in superuser mode, my home directory has a different icon (with a little red circle on the folder) to the standard folder icon. Something odd going on here...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
security, desktop, selinux, samba issues ciscohead Fedora 1 01-07-2006 05:14 PM
selinux.h ? DJ Shaji Red Hat 1 03-26-2005 12:57 PM
Do I need SELinux? Please help! xbennyboy Linux - Software 2 01-02-2005 05:23 PM
what is SELINUX?? masand Linux - Security 3 09-02-2004 07:57 AM
Selinux fedorafreak Fedora 2 08-15-2004 09:41 AM


All times are GMT -5. The time now is 07:12 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration