Inicio > security, unix/linux, web > Fedora 12 + Httpd + Userdir + SElinux Works

Fedora 12 + Httpd + Userdir + SElinux Works

sábado, 30 de enero de 2010 Dejar un comentario Ir a comentarios

Fedora 12 + Httpd + Userdir + SElinux Works

First install LAMP stack see the guide on HowtoForge

replace $USER for your username

mkdir $USER/public_html
firefox http://localhost/~$USER/

If you see only Forbidden (403), don’t worry, do this:

I made a patch file (if you made custom changes on httpd.conf don’t use this file, do manual changes)

Install patch on your system and patch httpd.conf

yum install patch

my patch file:

--- httpd-patch.conf	2010-01-30 14:59:51.811850034 -0800
+++ httpd.conf	2010-01-30 14:25:04.527864263 -0800
@@ -349,14 +349,15 @@
     # of a username on the system (depending on home directory
     # permissions).
     #
-    UserDir disabled
+    #UserDir disabled
+    UserDir enabled $USER
 
     #
     # To enable requests to /~user/ to serve the user's public_html
     # directory, remove the "UserDir disabled" line above, and uncomment
     # the following line instead:
     # 
-    #UserDir public_html
+    UserDir public_html
 
 </IfModule>
 
@@ -364,18 +365,18 @@
 # Control access to UserDir directories.  The following is an example
 # for a site where these directories are restricted to read-only.
 #
-#<Directory /home/*/public_html>
-#    AllowOverride FileInfo AuthConfig Limit
-#    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
-#    <Limit GET POST OPTIONS>
-#        Order allow,deny
-#        Allow from all
-#    </Limit>
-#    <LimitExcept GET POST OPTIONS>
-#        Order deny,allow
-#        Deny from all
-#    </LimitExcept>
-#</Directory>
+<Directory /home/*/public_html>
+    AllowOverride FileInfo AuthConfig Limit
+    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
+    <Limit GET POST OPTIONS>
+        Order allow,deny
+        Allow from all
+    </Limit>
+    <LimitExcept GET POST OPTIONS>
+        Order deny,allow
+        Deny from all
+    </LimitExcept>
+</Directory>
 
 #
 # DirectoryIndex: sets the file that Apache will serve if a directory

next do:

patch /etc/httpd/httpd.conf < patch1.txt
chmod 711 /home/$USER
chmod 755 /home/$USER/public_html
chcon -R -t httpd_sys_content_t /home/$USER/public_html
setsebool -P httpd_enable_homedirs 1

now:

firefox http://localhost/~$USER/

Done.

Categories: security, unix/linux, web Tags: , ,
  1. minjun
    sábado, 15 de mayo de 2010 a las 19:53 | #1
    Responder | Citar
    Surfing Safari 531.21.10 Safari 531.21.10 on Mac OS Mac OS

    That’s very useful to me.
    Thank you very much!

  2. Ian Dee
    jueves, 3 de junio de 2010 a las 09:47 | #2
    Responder | Citar
    Surfing Firefox 3.6.3 Firefox 3.6.3 on Fedora Fedora

    Very useful, it also works on fedora 13.

    would you teach me to fish? how did you know that these commands were needed to make it work?

    chcon -R -t httpd_sys_content_t /home/$USER/public_html
    setsebool -P httpd_enable_homedirs 1

    where can i read that documentation? I wanna learn to fish heh :-)

  3. albertux
    jueves, 3 de junio de 2010 a las 09:55 | #3
    Responder | Citar
  4. gmadi
    sábado, 12 de junio de 2010 a las 20:10 | #4
    Responder | Citar
    Surfing Firefox 3.6.3 Firefox 3.6.3 on Windows 7 Windows 7

    good tutorial…

  1. Sin trackbacks aún.

Switch to our mobile site