Re: audit with httpd tried to use file system at diff partition

Tammy Liang · ‎01-23-2007

I got error message below after I try to start apache httpd daemon. I also see kernel: audit: avc: denied message in /var/log/messages file.

Starting httpd: Syntax error on line 265 of /etc/httpd/conf/httpd.conf:
DocumentRoot must be a directory

kernel: audit(1169587778.590:13): avc: denied { search } for pid=5072 comm="httpd" name="/" dev=sdb2 ino=2 scontext=root:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=dir

take easy, enjoy life

Tammy Liang · ‎01-23-2007

From the message for /var/log/messages file,
looks audit is involved.
How can I set audit or permission on
partition?

Thanks for any help and reply.

take easy, enjoy life

Ivan Krastev · ‎01-23-2007

Take a look at this part:
Starting httpd: Syntax error on line 265 of /etc/httpd/conf/httpd.conf:
DocumentRoot must be a directory

fix document root for apache.

regards,
ivan

Steven E. Protter · ‎01-23-2007

Shalom,

By default if you enabled SELINUX you will not be permitted a rootdocument for httpd server outside the /var filesystem.

Choices:
Totally disable selinux
Change selinux configuration to permit this.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

Tammy Liang · ‎01-24-2007

There is /users/web directory which is defined in DocumentRoot.

I don't think I have SElinux turned it on.
How can I check? How can i turn it off?

Thanks.

take easy, enjoy life

Ivan Krastev · ‎01-24-2007

Use: sestatus
to obtain status of selinux.

For configuration use: system-config-securitylevel

There you can disable selinux for specific daemons - apache for example.

regards,
ivan

Tammy Liang · ‎01-24-2007

Thanks, I got SElinux to enable apache to write to /users directory.

take easy, enjoy life

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: audit with httpd tried to use file system at diff partition

audit with httpd tried to use file system at diff partition