Forbidden Errors (SELinux)

You may experience a “forbidden error” when attempting to access a users public web site (http://localhost/~alice), this is generally because the permissions are either set incorrectly, or SELinux is set to “Enforcing” mode which blocks the standard suexec call needed by the Apache server. Common error is the “/home/username” permissions.

To temporarily disable SELinux so you can test the access permissions, type “setenforce 0” at the command prompt. Typing “setenforce 1” sets SELinux back to Enforcing mode.

Use the following commands to permanently adjust the SELinux file security context so Apache can access user’s public web sites.

### SELinux ONLY – Enable User Website
[bash]# setsebool -P httpd_enable_homedirs true
[bash]# chcon -v -R -h -u user_u -t httpd_user_content_t /home/*/public_html
### SELinux ONLY – Disable User Website
[bash]# setsebool -P httpd_enable_homedirs false
[bash]# chcon -v -R -h -u user_u -t user_home_t /home/*/public_html

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: