Apache with Security Enhanced Linux

This blog moved to a new location, please visit us at http://ramble.m2m.at.

From Quick HOWTO : Ch20 : The Apache Web Server:

Fedora Core 3 introduced the concept of security contexts as part of the Security Enhanced Linux (SELinux) definition. A Web page may have the right permissions, but the Apache httpd daemon won't be able to read it unless you assign it the correct security context or daemon access permissions. Context-related configuration errors will give "403 Forbidden" browser messages, and in some cases, you will get the default Fedora Apache page where your expected Web page should be.

... to view the security context:

ls -Z

... to set web context for the current folder and it's sub folders:

chcon -R -h -t httpd_sys_content_t .

Controlling Access to Services

This blog moved to a new location, please visit us at http://ramble.m2m.at.

ntsysv

This is a text-based application that allows you to configure which services are started at boot time for each runlevel. Non-xinetd services can not be started, stopped, or restarted using this program.

chkconfig

This is a command line utility that allows you to turn services on and off for the different runlevels. Non-xinetd services can not be started, stopped, or restarted using this utility.

[excerpt from Red Hat Enterprise Linux Deployment Guide]