Page tree

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.



You might not want to use any of the NSA links posted there (wink) (wink)

Or some better, more or less up to date, documentation.


Other than understanding file and process context. the single most important things to know, are:


Now you can test, and use audit2why to understand what's wrong. Use audit2allow to create a SELinux module, but please check what it allows. you might allow an NSA backdoor to work (wink) (wink)


The setenforce 0 will actually give you all the gory details that would be encountered after fixing the first problem, or the next, or the one after that.



You'll use this tool a lot, ignore any and all documentation telling you to use "chcon", chcon was the way to go until RHEL5, but it won't persist in case of a relabeling, or even restorecon.

  • Create a rule for the filecontext of path /usr/local/share/roundcubemail/temp:

    No Format
    semanage fcontext --add --type httpd_sys_rw_content_t "/usr/local/share/roundcubemail/temp(/.*)?"

  • And apply:

    No Format
    restorecon -R /usr/local/share/roundcubemail/temp


Also see:

  • Widget Connector