• 1
Last week I was also in this situation at work. I was preparing an internal web app to be migrated from a windows server to a RHEL one, and creating an RPM for it. I have to say that the docs were fantastic at https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security-Enhanced_Linux/index.html

I went for httpd_sys_rw_content_t on the dirs that needed it, so chuffed that I got one of the good solutions! :) I was aware that I could have created a new type set, but since I don't have a lot of experience with SELinux yet, I decided on what seemed to be the simpler solution.

A colleague suggested "just disable SELinux". Boo. http://stopdisablingselinux.com/

  • 1

Log in