Saturday, July 28, 2007

Allowing Web Access in SELinux using chcon

If you have experienced 403 errors with a RedHat-based distro such as CentOS or Fedora, you may be encountering Type Enforcement issues. This video illustrates one way they commonly originate and how to gain access when you're being forbidden.

What happens here:

  • user logs in to root (su or sudo preferred)
  • creates new user to generate home directory
  • creates index file in home directory
  • locates httpd.conf file
  • modifies VirtualHost entry to redirect requests
  • restarts apache
  • loads page, receives 403
  • sets chmod and chown values to be less restrictive (unnecessary)
  • reloads page to same 403 forbidden error
  • views security context with "ls -Z"
  • changes security context type with "chcon -T"
  • reloads and displays index page successfully

Consult the tutorial at intarwebz.com for more specific details.