SElinux causing Apache/httpd problem on Fedora 6
I have web server running on Fedora core 6. I didn't use the default httpd; compiled apache2 myself. The web server is fine from localhost. But if I try to access it from other machine or internet, it's always Connection Time out.
I have SELinux setting at the default "enforcing". If I set it to permissive, all web access are fine. However, i'd like to keep the server as safe as possible, so i want to find out if it's possible to modify the selinux setting to allow apache to work, but still enforcing other security policy.
I do see all the inbound web access in the messages file -
xxxx kernel: Inbound IN=eth0 OUT= MAC=xx SRC=xxx DST=xxx LEN=44 TOS=0x00 P
REC=0x00 TTL=51 ID=3160 DF PROTO=TCP SPT=24591 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
I also tried "disable selinux protection over httpd". It didn't make any difference. Not sure if it's because i'm not using the default httpd.
It is because you're not using the default httpd.
If you need to use your custom httpd, install setroubleshoot, start setroubleshootd, and then after an SELinux denial, either run the SELinux Troubleshooter from the menu, if you have gnome installed you can click the start that shows up in the system tray, or else run
If you don't have any GUI installed, the following command will generate an HTML file you can view with any standard browser like lynx:
|All times are GMT -5. The time now is 06:19 PM.|