Theresa Arzadon-Labajo

Website Baker and SELinux

Posted by Administrator (admin) on Apr 16 2009
Tech Stuff >> Website Baker

My personal website baker site is nfs mounted on the web server.

When trying to Add/Modify a Post, I get the error message:

" Error creating access file in the /pages directory (insufficient privileges)"

in the news/save_post.php, the page fails at:

if(!is_writable(WB_PATH.PAGES_DIRECTORY.'/posts/')) {
        $admin->print_error($MESSAGE['PAGES']['CANNOT_CREATE_ACCESS_FILE']);


I ran the script located at:
http://help.websitebaker.org/pages/en/knowledge-base/files-and-permissions.php

and it said that all my files were not writable, even though they were.  I also checked that my public_html directory was writable.

The only way, right now, for me to Add/Edit posts is to set SELinux to Permissive mode by doing

setenforce 0

and then enabling it after writing a post. 

setenforce 1

UPDATE: 4/20/09

Mounting a non-SELinux file system via NFS results in SELinux treating all the files in the share as having a context of nfs_t. To override the default context to say, system_u:object_r:tmp_t to SELinux:


mount -t nfs -o context=system_u:object_r:tmp_t server:/shared/foo /mnt/foo

I remounted the directory using the context "context=user_u:object_r:httpd_user_content_t"

It worked and I am able to Add/Modify Posts now.

UPDATE: 1/18/14

On RHEL6: # semanage boolean -m --on httpd_use_nfs The context is now "unconfined_u:object_r:httpd_user_content_t:s0"

Last changed: Jan 18 2014 at 4:29 PM

Back

Comments

No comment found

Add Comment