HPE Community
Operating System - Linux
1819684 Members
3349 Online
109605 Solutions
New Discussion юеВ

audit with httpd tried to use file system at diff partition

 
SOLVED
Go to solution
Tammy Liang
Regular Advisor

тАО01-23-2007 08:52 AM

тАО01-23-2007 08:52 AM

audit with httpd tried to use file system at diff partition

I got error message below after I try to start apache httpd daemon. I also see kernel: audit: avc: denied message in /var/log/messages file.

Starting httpd: Syntax error on line 265 of /etc/httpd/conf/httpd.conf:
DocumentRoot must be a directory

kernel: audit(1169587778.590:13): avc: denied { search } for pid=5072 comm="httpd" name="/" dev=sdb2 ino=2 scontext=root:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=dir
take easy, enjoy life
0 Kudos
Reply
6 REPLIES 6
Tammy Liang
Regular Advisor

тАО01-23-2007 09:13 AM

тАО01-23-2007 09:13 AM

Re: audit with httpd tried to use file system at diff partition

From the message for /var/log/messages file,
looks audit is involved.
How can I set audit or permission on
partition?

Thanks for any help and reply.

take easy, enjoy life
0 Kudos
Reply
Ivan Krastev
Honored Contributor

тАО01-23-2007 10:01 AM

тАО01-23-2007 10:01 AM

Re: audit with httpd tried to use file system at diff partition

Take a look at this part:
Starting httpd: Syntax error on line 265 of /etc/httpd/conf/httpd.conf:
DocumentRoot must be a directory


fix document root for apache.


regards,
ivan
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

тАО01-23-2007 10:38 AM

тАО01-23-2007 10:38 AM

Solution

Re: audit with httpd tried to use file system at diff partition

Shalom,

By default if you enabled SELINUX you will not be permitted a rootdocument for httpd server outside the /var filesystem.

Choices:
Totally disable selinux
Change selinux configuration to permit this.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
Tammy Liang
Regular Advisor

тАО01-24-2007 03:15 AM

тАО01-24-2007 03:15 AM

Re: audit with httpd tried to use file system at diff partition

There is /users/web directory which is defined in DocumentRoot.

I don't think I have SElinux turned it on.
How can I check? How can i turn it off?

Thanks.
take easy, enjoy life
0 Kudos
Reply
Ivan Krastev
Honored Contributor

тАО01-24-2007 08:54 AM

тАО01-24-2007 08:54 AM

Re: audit with httpd tried to use file system at diff partition

Use: sestatus
to obtain status of selinux.

For configuration use: system-config-securitylevel

There you can disable selinux for specific daemons - apache for example.


regards,
ivan
Reply
Tammy Liang
Regular Advisor

тАО01-24-2007 08:57 AM

тАО01-24-2007 08:57 AM

Re: audit with httpd tried to use file system at diff partition

Thanks, I got SElinux to enable apache to write to /users directory.
take easy, enjoy life
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.