Selinux Tips

From NIEF Wiki

Revision as of 20:42, 11 January 2022 by Gtkrug (talk | contribs) (→‎Proxying)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

About

This page just has a few Selinux tips/reminders

File Access

If selinux is blocking access to files that httpd should be able to read it may be they are missing selinux flags:

semanage fcontext -a -t httpd_sys_content_t "[FILE OR PATH]"

Proxying

When proxying backend services with httpd, you typically need to do two things:

Allow http to make connections: setsebool -P httpd_can_network_connect on
Allow the ports for your backend connections: semanage port -a -t http_port_t -p tcp ####

Retrieved from "https://wiki.nief.org/index.php?title=Selinux_Tips&oldid=279"