SELinux

phpWebSite works with SELinux... at least, if your php, web server, and database also work with SELinux.

However, if you've checked out or otherwise untarred phpWebSite into a web-accessible place, your contexts are probably all wrong. Here's how to fix them.

The entire system requires a SELinux context of httpd_sys_content_t, which allows Apache to read the filesystem. Change directories to the root of your phpWebSite installation, and:

sudo chcon -t httpd_sys_content_t -R .

Then, you need to allow Apache to WRITE to certain directories, which requires the SELinux context of httpd_sys_rw_content_t:

sudo chcon -t httpd_sys_rw_content_t -R config/ files/ images/ logs/

AFTER you have installed phpWebSite, for added security, you can remove the writable context from config:

sudo chcon -t httpd_sys_content_t -R config/

And that's it! The above is all that you need to do on RHEL6 or CentOS6 with Apache HTTPD and SELinux Enforcing. There may be additional requirements for other webservers or other distributions.

If you are connecting to a PostgreSQL database, connect by socket by leaving 'host' blank at installation time. If you set 'host' to localhost, you will encounter an SELinux error. However, if you are doing anything more complicated than connecting to a local database over Unix sockets, then you should know how to properly configure SELinux. It's easier than you've heard; check out the following link for a great video on why you should be using SELinux:

http://stopdisablingselinux.com/

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

SELinux

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Clone this wiki locally