SELinux configuration (Redhat, RHEL, CentOS)

Editions: Light, Community, Professional, Enterprise, Ultimate, Corporate
Versions: 3.6.0+

This article describes the SELinux configuration for a ViMP webhosting. It´s been tested under Red Hat 6 + 7 but should work with any Linux distribution
We assume that the ViMP installation folder is
/var/www/html/

First we install some tools

yum install -y policycoreutils-python-utils
yum install -y setroubleshoot

We configure the ViMP directories for SELinux with the following commands

semanage fcontext -a -t httpd_sys_content_t "/var/www/html(/.*)?"
semanage fcontext -a -t httpd_log_t "/var/www/html/log(/.*)?"
semanage fcontext -m -t httpd_sys_rw_content_t "/var/www/html/log(/.*)?"
semanage fcontext -a -t httpd_cache_t "/var/www/html/cache(/.*)?"
semanage fcontext -m -t httpd_sys_rw_content_t "/var/www/html/cache(/.*)?"
semanage fcontext -a -t httpd_cache_t "/var/www/html/web/cache(/.*)?"
semanage fcontext -m -t httpd_sys_rw_content_t "/var/www/html/web/cache(/.*)?"
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/userdata(/.*)?"
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/web/images(/.*)?"
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/plugins(/.*)?"

setsebool -P httpd_can_network_connect on

And in a final step set the labels for the directories and make the rules persistent:

restorecon -Rv /var/www/html

That´s it and apache2/httpd should deliver your ViMP website immediately after reloading it.

Last update on 2020/11/04 by SUPPORT.

Go back