httpd error

[sachinmcajnu]

i have installed apache server...........but when i run my site it gives

security alert by selinux saying..............


Summary:

SELinux is preventing /usr/sbin/httpd "read" access on title.jpg.

Detailed Description:

SELinux denied access requested by httpd. The current boolean settings do not
allow this access. If you have not setup httpd to require this access this may
signal an intrusion attempt. If you do intend this access you need to change the
booleans on this system to allow the access.

Allowing Access:

Confined processes can be configured to run requiring different access, SELinux
provides booleans to allow you to turn on/off access as needed. The boolean
httpd_read_user_content is set incorrectly.
Boolean Description:
Allow httpd to read user content


Fix Command:

# setsebool -P httpd_read_user_content 1

Additional Information:

Source Context unconfined_u:system_r:httpd_t:s0
Target Context unconfined_u:object_r:user_home_t:s0
Target Objects title.jpg [ file ]
Source httpd
Source Path httpd
Port <Unknown>
Host sachinchugh
Source RPM Packages httpd-2.2.15-1.fc12.2
Target RPM Packages
Policy RPM selinux-policy-3.6.32-121.fc12
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Plugin Name catchall_boolean
Host Name sachinchugh
Platform Linux sachinchugh 2.6.32.21-168.fc12.i686 #1 SMP
Wed Sep 15 16:25:04 UTC 2010 i686 i686
Alert Count 116
First Seen Thu 25 Nov 2010 06:18:50 PM EST
Last Seen Thu 25 Nov 2010 08:25:18 PM EST
Local ID 2c95ba7b-0455-423b-92df-d09a7beb1a2f
Line Numbers

Raw Audit Messages

node=sachinchugh type=AVC msg=audit(1290734718.971:24017): avc: denied { read } for pid=2927 comm="httpd" name="title.jpg" dev=sda6 ino=1054569 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file

node=sachinchugh type=SYSCALL msg=audit(1290734718.971:24017): arch=40000003 syscall=5 success=no exit=-13 a0=2aafb08 a1=88000 a2=0 a3=1021 items=0 ppid=2923 pid=2927 auid=500 uid=48 gid=489 euid=48 suid=48 fsuid=48 egid=489 sgid=489 fsgid=489 tty=(none) ses=1 comm="httpd" exe="/usr/sbin/httpd" subj=unconfined_u:system_r:httpd_t:s0 key=(null)


still after fixing the problem ...................
i am not able to achive formating.................in my web page

[Rubberman]

The message is pretty clear, to me at least. You have SELinux enabled and you don't have permissions to access the file in question. You need to check the permissions and ACLs on the file and directory it is in to verify that the httpd user account is configured properly. Either you need to adjust the file/directory permissions/ACLs, or you need to adjust the account running httpd and related applications. Other than that, there is no magic incantation that will fix this, AFAIK.

[Mudgen]

still after fixing the problem ...................
i am not able to achive formating.................in my web page

So you fixed the original problem? What happens now, and what errors do you see in the logs and/or the browser? You did a very good job of describing the original problem, now you just need to explain clearly what's occurring after fixing it and we may be able to help.

[indian_munnda]

@sachin

First, try doing same as SELinux is telling you to grant access. Set that boolean value to 1 means to turn on that boolean value. If that doesn't work then try checking context labels of your website directory...