Selinux
Jump to navigation
Jump to search
Internal
Overview
How to Find Out Whether SELinux is Enabled
getenforce
If SELinux is enabled, the command will return "Enforcing".
Configuration
Install Management and Troubleshooting Tools
yum provides /usr/sbin/semanage yum provides sealert
yum -y install policycoreutils-python yum -y install setroubleshoot-server
Troubleshooting
Diagnose SELinux Problems
If you have a suspicion that SELinux may be at the root of your problems, run:
sealert -a /var/log/audit/audit.log
You may get an output similar to the following one, which helps diagnose the problem:
found 1 alerts in /var/log/audit/audit.log -------------------------------------------------------------------------------- SELinux is preventing /usr/sbin/httpd from write access on the file manager.node.nodes.lock. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that httpd should be allowed write access on the manager.node.nodes.lock file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep httpd /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp [...]
Permission Denied when Trying to Write in a Directory
TODO, rationalize the following content: Media_Wiki_Installation#Fails_to_upload_images_with_.27Fatal_exception_of_type_.22MWException.22.27.