Subscribe:

Ads 468x60px

Pages

Tuesday, June 21, 2011

Restore SELinux security labels context to html files

Issue: I stored my HTML pages in the root filesystem(/) then i was copied those file to apache home directory(/var/www/html). When i was accessing these pages from browser, it is showing error. Not displaying the page. Problem was Selinux Blocking the context of the apache files. How do I set back the file security contexts to specific files or directories under SElinux enabled kernel?



Solution: If files or directories copied from source to destination then you need to restore back SELinux security labels.
Use restorecon command to set file security contexts. This command is primarily used to set the security context (extended attributes) on one or more files. It can be run at any time to correct errors, to add support for new policy, or with the -n option it can just check whether the file contexts are all as you expect.

Create a html file in the root file system(/)
# cat > index.html
This is my 1st html page
ctrl+c


Move the index.html file to /var/www/html location
# mv index.html /var/www/html/


To view SELinux label
# ls -ldz /var/www/html/index.html


To re-label all the files under the correct security context:
# restorecon -Rv /var/www/html/index.html


Whereas 
-R: Change files and directories file labels recursively
-v: Show changes in file labels.


To view SELinux label
# ls -ldz /var/www/html/index.html

0 comments:

Post a Comment