Wednesday 18 October 2017

SELinux: Adding a trusted directory into the httpd policy

By default on CentOS 7 / RHEL the '/var/www' directory is not permitted as part of the httpd policy - so instead we need to use semanage command in order to add this directory:

semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/'

and then apply the context changes with:

restorecon -v /var/www/

you will also need to apply the context changes to any files within the directory as well e.g.:

restorecon -v /var/www/index.html


Post a Comment