Assigning web content types
For standard web server configurations (without SELinux), access rights on resources for a web server are purely based on the ownership of the files (and the access mask applied to it). With SELinux, the resources can be labeled more specifically towards their functional meaning.
Web applications have content that should be read-only and content that should be read-write, but there are also specific types for resources such as .htaccess
files. In this recipe, we'll look at the various web server content types and apply them to the right resources.
How to do it…
Execute the following steps to assign specific web content types to the right resources:
Take a look at the available content types for web servers by asking SELinux to show us all types that have the
httpdcontent
attribute set:~$ seinfo –ahttpdcontent –x httpdcontent httpd_sys_content_t httpd_user_ra_content_t httpd_user_rw_content_t httpd_nagios_content_t …
Query the existing policy for...