June 6, 2008 – 9:27 am

With the end of the financial year coming up, I’ve been doing a lot of machine change overs for clients. One of the things I’ve been trying to do where possible is make the installed software play nice with SELinux, so this post is a brain dump for the setsebool statements need to get the bits working. Huge thanks to Ralph Angenendt for his list of SELinux Booleans on the Centos Wiki (and thanks to Jim Perrin for blogging about it!)

vsFTPd returns “500 OOPS: cannot change directory /home/abc” when user logs in.
“/usr/sbin/setsebool -P ftp_home_dir=1″

Bind can’t write zone files to the /var/named/chroot/var/named directory when acting as a slave*
“/usr/sbin/setsebool -P named_write_master_zones=1″

{Drupal|Wordpress|mediawiki} fail to connect to database when first installed
“/usr/sbin/setsebool -P httpd_can_network_connect_db=1″

Nagios doesn’t like working, but doesn’t actually complain..
/usr/sbin/setsebool -P allow_httpd_nagios_script_anon_write=1″

*Yes, I know they should live in the var/named/slave path, but I was building a backup master server for the site which used a bespoke application to read information from the var/named directory, and for whatever reason couldn’t be set to read said files from the var/named/slave directory.

