FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 07-30-2012, 03:26 PM
Steven Stern
 
Default Apache2 directory listing problem F16

On 07/30/2012 10:06 AM, Mark Haney wrote:
> On 07/30/2012 10:46 AM, Steven Stern wrote:
>> On 07/30/2012 08:41 AM, Mark Haney wrote:
>>> On 07/27/2012 01:22 PM, David Quigley wrote:
>
>>> Everything I've tried seems to end up with an SELinux error. I've got
>>> it disabled now, but haven't rebooted to see if that fixes it. It's
>>> strange, the troubleshooter offers a couple of commands to set SELinux
>>> correctly for what I want, but it still chokes on it.
>>>
>>>
>>>
>> If you copied files from some other directory into pics, then they
>> probably brought along their existing context. Go back to /var/www/html
>> and try "sudo restorecon -r *".
>>
>
> I've attached the full output of the troubleshooter just in case I
> managed not to include everything needed.
>
>
>
>
Run restorecon as suggested by the troubleshooter.

--
-- Steve
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
 
Old 07-30-2012, 04:06 PM
Mark Haney
 
Default Apache2 directory listing problem F16

On 07/30/2012 11:26 AM, Steven Stern wrote:

If you copied files from some other directory into pics, then they
>>probably brought along their existing context. Go back to /var/www/html
>>and try "sudo restorecon -r *".
>>

>
>I've attached the full output of the troubleshooter just in case I
>managed not to include everything needed.
>
>
>
>

Run restorecon as suggested by the troubleshooter.


Yep, that did it. Sometimes I wonder if the devs of SELinux are sane.



--

Mark Haney
Software Developer/Consultant
AB Emblem
markh@abemblem.com
Linux marius.homelinux 3.4.4-4.fc16.x86_64 GNU/Linux
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
 
Old 07-30-2012, 04:38 PM
Steven Stern
 
Default Apache2 directory listing problem F16

On 07/30/2012 11:06 AM, Mark Haney wrote:
> On 07/30/2012 11:26 AM, Steven Stern wrote:
>>>> If you copied files from some other directory into pics, then they
>>>> >>probably brought along their existing context. Go back to
>>>> /var/www/html
>>>> >>and try "sudo restorecon -r *".
>>>> >>
>>> >
>>> >I've attached the full output of the troubleshooter just in case I
>>> >managed not to include everything needed.
>>> >
>>> >
>>> >
>>> >
>> Run restorecon as suggested by the troubleshooter.
>
> Yep, that did it. Sometimes I wonder if the devs of SELinux are sane.
>
>
>
It would be nice if there were a cp option to adopt the context of the
target. Currently, -Z requires that you set the context. I suppose it's
a good idea to keep you from shooting yourself in the foot by coping a
file that shouldn't be visible on a web site.

--
-- Steve
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
 
Old 07-30-2012, 04:48 PM
Rick Stevens
 
Default Apache2 directory listing problem F16

On 07/30/2012 09:38 AM, Steven Stern issued this missive::

On 07/30/2012 11:06 AM, Mark Haney wrote:

On 07/30/2012 11:26 AM, Steven Stern wrote:

If you copied files from some other directory into pics, then they

probably brought along their existing context. Go back to

/var/www/html

and try "sudo restorecon -r *".



I've attached the full output of the troubleshooter just in case I
managed not to include everything needed.





Run restorecon as suggested by the troubleshooter.


Yep, that did it. Sometimes I wonder if the devs of SELinux are sane.


They're sane. You have to understand just what they're trying to
accomplish and there's a lot of stuff to try to protect from. Try
looking at a grsec'd system if you want some "least privilege"
complexity.


It would be nice if there were a cp option to adopt the context of the
target. Currently, -Z requires that you set the context. I suppose it's
a good idea to keep you from shooting yourself in the foot by coping a
file that shouldn't be visible on a web site.


You can use "--preserve=context" to maintain the SELinux context of the
source file. You can't adopt the context of the target since you're
overwriting it. Makes sense if you think about it.

----------------------------------------------------------------------
- Rick Stevens, Systems Engineer, AllDigital ricks@alldigital.com -
- AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 -
- -
- Any sufficiently advanced technology is indistinguishable from a -
- rigged demo. -
----------------------------------------------------------------------
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
 
Old 07-30-2012, 06:40 PM
Daniel J Walsh
 
Default Apache2 directory listing problem F16

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/30/2012 11:06 AM, Mark Haney wrote:
> On 07/30/2012 10:46 AM, Steven Stern wrote:
>> On 07/30/2012 08:41 AM, Mark Haney wrote:
>>> On 07/27/2012 01:22 PM, David Quigley wrote:
>
>>> Everything I've tried seems to end up with an SELinux error. I've got
>>> it disabled now, but haven't rebooted to see if that fixes it. It's
>>> strange, the troubleshooter offers a couple of commands to set SELinux
>>> correctly for what I want, but it still chokes on it.
>>>
>>>
>>>
>> If you copied files from some other directory into pics, then they
>> probably brought along their existing context. Go back to /var/www/html
>> and try "sudo restorecon -r *".
>>
>
> I've attached the full output of the troubleshooter just in case I managed
> not to include everything needed.
>
>
>
>


I blogged about your problem.

http://danwalsh.livejournal.com/56534.html

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAlAW1TUACgkQrlYvE4MpobNBGACcDVi9aQgO8C cWNqZAbcHdZwNh
WGEAn1nxnkknQ71Z2hfKbj80ovZWEBD8
=jcI2
-----END PGP SIGNATURE-----
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
 
Old 07-31-2012, 11:19 AM
Tim
 
Default Apache2 directory listing problem F16

On Mon, 2012-07-30 at 11:38 -0500, Steven Stern wrote:
> It would be nice if there were a cp option to adopt the context of
> the target.

If you copy, the files get the right context based on the filepath for
where they're copied to. i.e. If you cp homepage.html /var/www/html/
the homepage.html file will be given normal contexts for /var/www/html/
(which are the right ones to webserve your files).

If you move it, then the original contexts of the file go with the copy.
If you created the file outside of the webserving directory tree, it
will keep those non-webserving contexts. But a move of a working
webservable file between places within /var/www/html won't be a problem,
as it'll already have the right contexts, whether that be moving between
directories, or just moving the file for a rename.

--
[tim@localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored. I
read messages from the public lists.



--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
 

Thread Tools




All times are GMT. The time now is 05:14 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org