Albertux~# ./Blog » selinux http://albertux.ayalasoft.com 61 20 64 65 76 65 6c 6f 70 65 72 20 6c 69 66 65 Thu, 01 Jul 2010 16:23:33 +0000 en hourly 1 http://wordpress.org/?v=3.0.1 2008 albertoi7@gmail.com (Albertux~# ./Blog) albertoi7@gmail.com (Albertux~# ./Blog) posts 1440 http://ayalasoft.com/img/podcast02.jpg Albertux~# ./Blog » selinux http://albertux.ayalasoft.com 144 144 After three days without programming, life becomes meaningless. Albertux~# ./Blog Albertux~# ./Blog albertoi7@gmail.com no no Fedora 12 + Httpd + Userdir + SElinux Works http://albertux.ayalasoft.com/2010/01/30/fedora-12-httpd-userdir-selinux-works/ http://albertux.ayalasoft.com/2010/01/30/fedora-12-httpd-userdir-selinux-works/#comments Sun, 31 Jan 2010 00:02:01 +0000 albertux http://albertux.ayalasoft.com/?p=2443 Fedora 12 + Httpd + Userdir + SElinux Works is a post from: Albertux~# ./Blog

]]> Fedora 12 + Httpd + Userdir + SElinux Works

First install LAMP stack see the guide on HowtoForge

replace $USER for your username

mkdir $USER/public_html
firefox http://localhost/~$USER/

If you see only Forbidden (403), don’t worry, do this:

I made a patch file (if you made custom changes on httpd.conf don’t use this file, do manual changes)

Install patch on your system and patch httpd.conf

yum install patch

my patch file:

--- httpd-patch.conf	2010-01-30 14:59:51.811850034 -0800
+++ httpd.conf	2010-01-30 14:25:04.527864263 -0800
@@ -349,14 +349,15 @@
     # of a username on the system (depending on home directory
     # permissions).
     #
-    UserDir disabled
+    #UserDir disabled
+    UserDir enabled $USER
 
     #
     # To enable requests to /~user/ to serve the user's public_html
     # directory, remove the "UserDir disabled" line above, and uncomment
     # the following line instead:
     # 
-    #UserDir public_html
+    UserDir public_html
 
 </IfModule>
 
@@ -364,18 +365,18 @@
 # Control access to UserDir directories.  The following is an example
 # for a site where these directories are restricted to read-only.
 #
-#<Directory /home/*/public_html>
-#    AllowOverride FileInfo AuthConfig Limit
-#    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
-#    <Limit GET POST OPTIONS>
-#        Order allow,deny
-#        Allow from all
-#    </Limit>
-#    <LimitExcept GET POST OPTIONS>
-#        Order deny,allow
-#        Deny from all
-#    </LimitExcept>
-#</Directory>
+<Directory /home/*/public_html>
+    AllowOverride FileInfo AuthConfig Limit
+    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
+    <Limit GET POST OPTIONS>
+        Order allow,deny
+        Allow from all
+    </Limit>
+    <LimitExcept GET POST OPTIONS>
+        Order deny,allow
+        Deny from all
+    </LimitExcept>
+</Directory>
 
 #
 # DirectoryIndex: sets the file that Apache will serve if a directory

next do:

patch /etc/httpd/httpd.conf < patch1.txt
chmod 711 /home/$USER
chmod 755 /home/$USER/public_html
chcon -R -t httpd_sys_content_t /home/$USER/public_html
setsebool -P httpd_enable_homedirs 1

now:

firefox http://localhost/~$USER/

Done.

Fedora 12 + Httpd + Userdir + SElinux Works is a post from: Albertux~# ./Blog

]]> http://albertux.ayalasoft.com/2010/01/30/fedora-12-httpd-userdir-selinux-works/feed/ 4