Visit Jeremy's Blog.
Go Back > Blogs > sag47
User Name


Rate this Entry

SELinux and Apache ProxyPass

Posted 12-07-2011 at 12:39 PM by sag47
Updated 08-05-2012 at 12:58 AM by sag47

Today I was having trouble getting a httpd ProxyPass and ProxyPassReverse to work. As a background I'm working in RedHat Enterprise Linux 6.1. It took me a while to figure out what was wrong (longer than it should have) and as it turns out it worked after I disabled SELinux. So my configs were correct in /etc/httpd/conf.d/* and it passed all config tests. I'm sure you don't want to read a whole post of talking so I'll just get right into the grit of the commands. For the rest of the explanation you can use the man pages. I'm assuming a higher level audience in this post though with man pages anyone can learn.

tail -f /var/log/httpd/error_log
#shows an error
setenforce 0
#config works so enable selinux again
setenforce 1
getsebool --help
getsebool -a
getsebool -a | grep ^httpd
cat /var/log/audit/audit.log | audit2allow -v
#audit2allow will tell us what entries can be enabled to allow selinux to work
setsebool httpd_can_network_relay on
#test config so does it work?  Yes
#make sure selinux was still on
#now save the changes to be permanent for when the machine reboots.
setsebool -P httpd_can_network_relay on
Yay for speed blogging! I feel better now that it's out of the way.
Views 9689 Comments 0
« Prev     Main     Next »
Total Comments 0




All times are GMT -5. The time now is 09:45 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration