我目前正在学习 SELinux。我按照中的说明进行操作RedHat的SELinux文档。输入以下命令后,我确实成功了:
mkdir /mywebsite
//add something to /mywebsite/index.html
semanage fcontext -a -t httpd_sys_content_t "/mywebsite(/.*)?"
restorecon -R -v /mywebsite //everythins worked well by then
但后来我做了更多的事情:
chcon -R -t httpd_sys_content_t /mywebsite //I can't access index.html now, as expected
restorecon -R -v /mywebsite //Still can't access index.html!!
semanage fcontext -a -t httpd_sys_content_t "/mywebsite(/.*)?"
restorecon -R -v /mywebsite //didn't work, either
ls -dZ /mywebsite // unconfined_u:object_r:httpd_sys_content_t:s0
Firefox 中的错误信息是:
Forbidden
You don't have permission to access /index.html on this server.
我错过了什么吗?或者这是一个错误?我的操作系统是 Fedora 20 和 Apache 2.4.7。
答案1
您可以从目录克隆配置/var/www/html:
chcon -R --reference=/var/www/html /path/to/your/project
答案2
我的错。这不是 SELinux 的错。红帽教程并不完整。我们还应该将以下内容添加到 httpd 配置文件(对于 apache httpd 2.4):
<Directory "/mywebsite">
AllowOverride None
# Allow open access:
Require all granted
</Directory>