SE Linux woes

Hey all,

For the two people on Earth who don't yet know it, I'm running Fedora Core 5 from Redhat. You probably also know that this comes equipped with SE Linux, which I've left on for, well, enhanced security.

I'm hosting a website on the system and want to post some pictures as part of the site. I'm coding my HTML manually
and am calling my images with a standard <IMG SRC="mypic.jpg"> tag. Trouble is, when I point my browser to the server's webpage and try to view the images, I get "broken gif" images. If I try posting a link to the image with <A HREF blah blah </A> instead, I get "403 forbidden" when I click on the link.

I've never had this problem before I switched to using later versions of FC that have SE Linux installed, so I've reason to suspect it's the problem. Any ideas?

Matt

Addendum: I've already double-checked that file permissions on the images files themselves are set correctly and that the HTML code is referring to the right pathname in the <IMG SRC> tag.

try disable selinux by using
/usr/sbin/setenforce 0

Then run your webpage to see whether it works or not. If yes. It means the root problem lies at selinxu. You can edit the policy file to get it work.

try

setsebool httpd_disable_trans 1

Quote:

Originally Posted by cylarz Hey all, For the two people on Earth who don't yet know it, I'm running Fedora Core 5 from Redhat. You probably also know that this comes equipped with SE Linux, which I've left on for, well, enhanced security. I'm hosting a website on the system and want to post some pictures as part of the site. I'm coding my HTML manually and am calling my images with a standard <IMG SRC="mypic.jpg"> tag. Trouble is, when I point my browser to the server's webpage and try to view the images, I get "broken gif" images. If I try posting a link to the image with <A HREF blah blah </A> instead, I get "403 forbidden" when I click on the link. I've never had this problem before I switched to using later versions of FC that have SE Linux installed, so I've reason to suspect it's the problem. Any ideas? Matt

A file needs to have the right "context" to be accessible by Apache. Files created in the /var/www/html directory will inherit the correct context; but if you move files from other places, it won't have the correct context. You can restore context with the "restorecon" command, like:

Code:

restorecon mypic.jpg

or

Code:

restorecon -R /var/www/html

Turning off security is not a good idea.

edit file /etc/selinux/config.
set SELINUX=disable
your problem wil be solved.

Quote:

Originally Posted by cylarz ...I'm coding my HTML manually and am calling my images with a standard <IMG SRC="mypic.jpg"> tag. Trouble is, when I point my browser to the server's webpage and try to view the images, I get "broken gif" images. If I try posting a link to the image with <A HREF blah blah </A> instead, I get "403 forbidden" when I click on the link. I've never had this problem before I switched to using later versions of FC that have SE Linux installed...

Now that's hardened.

Quote:

Originally Posted by akamol edit file /etc/selinux/config. set SELINUX=disable your problem wil be solved.

disabling security solves problems? Well I think SElinux is implemented for a reason

If in fact it is SElinux. He just needs to set the proper SElinux permissions with chcon command

If security gets in the way of usability, then disabling (some) security does solve the problem. A typical desktop PC user really has no need for SELinux at all. Running an Apache web server though... well, if it uses a public IP disabling SELinux might not be such a good idea.