I don’t do configuration every day so some things elude me. Especially when selinux is involved.
So this happened to me the other day when I setup a new web site on my server and as usual, I added a config file for it. Immediately after reloading apache, I got the Permission Denied error when reading the config file for the newly created default.conf file.
Took some googling to get to the bottom of it:
(just to confirm it’s selinux)
[root@localhost conf]# sestatus
SELinux status: enabled
[root@localhost conf]# [root@localhost sites]# ls -Z
-rw-r–r– root root root:object_r:default_t default.conf
-rw-r–r– root root root:object_r:httpd_config_t site1.conf
-rw-r–r– root root root:object_r:httpd_config_t site2.conf
[root@localhost sites]# chcon -t httpd_config_t default.conf
[root@localhost sites]# ls -Z
-rw-r–r– root root root:object_r:httpd_config_t default.conf
-rw-r–r– root root root:object_r:httpd_config_t site1.conf
-rw-r–r– root root root:object_r:httpd_config_t site2.conf
Same goes on the site folders and files.
And it’s all good now. I’ll probably make some script to create these things automatically so I won’t have to deal with these issues every other year when I decide to put up a new site.