Setting up mod_selinux
In the next set of recipes, we use an Apache module called mod_selinux to make Apache SELinux-aware and to support configurable transitions. In other words, the context in which Apache is running is no longer a statically defined context, but can be changed according to the administrators' needs.
In this recipe, we will install mod_selinux from its source as many Linux distributions do not offer it by default, even though it is a very powerful addition to the web server (which is also why support for mod_selinux is often called Apache/SELinux Plus).
How to do it…
You can set up mod_selinux through the following steps:
Download the sources from https://github.com/kaigai/mod_selinux.
Make sure that the Apache development headers (
httpd-develon Red Hat or Fedora systems) are installed.Build and install the
mod_selinuxshared library for Apache usingapxs:~# apxs -c -i mod_selinux.cNote
It may be possible that the build fails with an error about
client_ip. If that is the...
