Sounds like there may be some problems with your SELinux install, since that chcon command should work. SELinux is very much a moving target these days, and to really get into it you'd need to go to the Fedora SELinux mailing list. At a glance, it looks like your file system never got labeled properly. Try: touch /.autorelabel reboot It may take 5 to 10 minutes for the relabeling after reboot, so be patient. If that doesn't work, head over to the other mailing list. - Steve Brueckner, ATC-NY -----Original Message----- From: D. D. Brierton [mailto:darren@xxxxxxxxxxx] Sent: Tuesday, February 08, 2005 9:20 AM To: fedora-list@xxxxxxxxxx Subject: SELinux problem (was Re: Is httpd in FC3 chrooted???) On Tue, 2005-02-08 at 13:33 +0000, D. D. Brierton wrote: > Okay, it seems it's SELinux related. I'm currently reading my way > through > > http://fedora.redhat.com/docs/selinux-apache-fc3/ > > but if anyone has some advice I'd be grateful. Thanks! One problem is that it seems that most of the files in my /home partition don't have *any* SELinux security context, only newly created files do. Furthermore, the document above says that files in my home directory should have type "user_home_t", whereas in fact all of the newly created files in my home directory which do have a security context just have type "file_t". Sigh. I'm confused. This is a bit of a baptism by fire -- all I wanted to do was get on with my work and instead I've spent the morning learning about SELinux. I tried to use restorecon, but it segfaults: $ /sbin/restorecon -R -v /home/darren /sbin/restorecon reset context /home/darren:->system_u:object_r:user_home_dir_t Segmentation fault I need to use either chcon -R -t httpd_sys_content_t public_html or chcon -R -t httpd_user_content_t public_html I think, so that Apache can access the DocumentRoots of my VirtualHosts (they're all in ~/public_html/), but when I try either I get: chcon: can't apply partial context to unlabeled file public_html/ which I take to mean that I also need to supply values for -u and -r, but I don't what values I should be using. I'd really appreciate some help! Best, Darren -- ===================================================================== D. D. Brierton darren@xxxxxxxxxxx www.dzr-web.com Trying is the first step towards failure (Homer Simpson) ===================================================================== -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
