Apache Userdir with SELinux on Fedora 31/30, CentOS/RHEL 8.0/7.7 - Comment Page: 1

This is quick guide howto enable Apache userdirs with SELinux on Fedora 31/30/29/28, CentOS 8.0/7.7/6.10 and Red Hat (RHEL) 8.0/7.7/6.10. This guide assumes that you have Apache (httpd) server installed on your system. This guide uses separeted userdir.conf without touching httpd.conf so later default httpd.conf can be overrided or whole configuration moved simply. This guide uses user called testuser and should be replaced by real user name(s). [inttf_post_ad1] Enable Apache Userdirs 1. Change root user su - ## OR ## sudo -i 2. Create /etc/httpd/conf.d/userdir.conf file Open file, with our favorite editor, like: nano -w...

59 comments on “Apache Userdir with SELinux on Fedora 31/30, CentOS/RHEL 8.0/7.7 - Comment Page: 1

1 2 3
    1. […] PeÅ‚ny artykuÅ‚ na: Apache Userdir with SELinux on Fedora 13, CentOS 5.5, Red Hat … […]

      Reply
    2. Nice one, there are actually some good facts on this post many of my subscribers just might find this useful, I will send them a link, thank you

      Reply
    3. Works! Nice :)

      I found out that if I set UseCanonicalName On in /etc/httpd/conf/httpd.conf – apache is changing localhost in the browser to the ServerName specified in httpd.conf and the pages in ~/public_html are not loading at all. So I set UseCanonicalName Off again :)

      Best,
      Jozsef

      Reply
    4. Or else,
      It could be fixed in /etc/hosts by adding:
      127.0.0.1 nameOFtheSERVER

      :)

      Best,
      Jozsef

      Reply
    5. I follow your step html is working but php just show me blank screen.

      Is there any light on how and why?

      Best!
      Fhon

      Reply
      • Hi Fhon,

        Is your PHP working on any other dir?
        Is it working example on /var/www/html dir?

        Reply
    6. Hi JR,

      Php is working on /var/www/html

      but not /home/user/public_html

      When try to access test.php file it just show download the file.
      Run test.html work show the page without problem.

      Best!
      Fhon

      Reply
      • Hi again Fhon,

        A few additional questions.

        What operating system (and version) are you using?

        Did you execute following command?

        
        chcon -R -t httpd_sys_content_t /home/testuser/public_html
        

        Post following commands output:

        
        sed '/^ *#/d;s/#.*//' /etc/httpd/conf.d/{php,userdir}.conf
        
        ## AND ##
        
        ls -laZ ~/public_html/
        
        Reply
        • Hello,

          I have the same problem as Fhon

          and here is my output for those commands:

          
          
            LoadModule php5_module modules/libphp5.so
          
          
            LoadModule php5_module modules/libphp5-zts.so
          
          
          AddHandler php5-script .php
          AddType text/html .php
          
          DirectoryIndex index.php
          
          sed: can't read /etc/httpd/conf.d/userdir.conf: No such file or directory
          

          userdir.conf didn’t exists because I enable the mod directly from httpd.conf, and here is the configuration for userdir:

          
          
              AllowOverride All
              Options MultiViews Indexes FollowSymLinks Includes
              Order allow,deny
              Allow from all
          
          

          and here is output from ls command:

          
          drwxr-xr-x. server webdev unconfined_u:object_r:httpd_sys_content_t:s0 .
          drwx--x--x. server server unconfined_u:object_r:user_home_dir_t:s0 ..
          -rwxr-xr-x. server server unconfined_u:object_r:httpd_sys_content_t:s0 test.php
          -rwxr-xr-x. server server unconfined_u:object_r:httpd_sys_content_t:s0 test.php~
          -rw-rw-r--. server server unconfined_u:object_r:httpd_sys_content_t:s0 text.html
          -rw-rw-r--. server server unconfined_u:object_r:httpd_sys_content_t:s0 text.html~
          

          Is there something wrong with my configuration?

          Reply
          • Hi Adods,

            Is PHP working normally on /var/www/html directory?

            Is HTML files working normally from user directory?

            Could you post your full httpd.conf file and full path of your Apache userdir what you are using?

            Reply
            • sed ‘/^ *#/d;s/#.*//’ /etc/httpd/conf.d/{php,userdir}.conf

              LoadModule php5_module modules/libphp5.so

              LoadModule php5_module modules/libphp5-zts.so

              AddHandler php5-script .php
              AddType text/html .php

              DirectoryIndex index.php

              UserDir enabled
              UserDir public_html

              Options Indexes Includes FollowSymLinks

              AllowOverride All
              Allow from all

              Order deny,allow

              ls -laZ ~/public_html/

              drwxr-xr-x. brad brad unconfined_u:object_r:httpd_sys_content_t:s0 .
              drwx--x--x. brad brad unconfined_u:object_r:user_home_dir_t:s0 ..
              -rw-rw-r--. brad brad unconfined_u:object_r:httpd_sys_content_t:s0 index.html
              -rw-rw-r--. brad brad unconfined_u:object_r:httpd_sys_content_t:s0 index.html~
              -rw-rw-r--. brad brad unconfined_u:object_r:httpd_sys_content_t:s0 test.php
              drwxrwxr-x. brad brad unconfined_u:object_r:httpd_sys_content_t:s0 thwart

              Reply
              • Hi BT,

                Thanks, do you have some problem with it?

                Reply
                • was having issues, got it resolved. Not exactly sure how I fixed it, but its working now :) Thanks guys!

                  Reply
    7. Great Tutorials, thanks you.

      On Fedora 14 I had to :

      setsebool -P httpd_read_user_content 1

      Reply
    8. […] Fuente: if-not-true-then-false […]

      Reply
    9. Hi JR,

      I’m running Fedora 14
      I followed this tutorial to first install mysql, and then to install Apache (httpd) with php, the PHP test page creation succeed but not the last test remote connection.
      And also while enabling Apache Userdir i couldn’t succeed and got this error in the browser: “Not Found
      The requested URL /~testuser/ was not found on this server.
      Apache/2.2.17 (Fedora) Server at localhost Port 80”

      Please help i’m a new user.
      Thanks!

      Reply
      • Hi Doufanat,

        What problems you have with remote connections? Do you opened iptables firewall port? Or are you behind some other firewall?

        Do you actually have testuser with home dir on your Linux? Could you check your apache error_logs and post last errors here when you try to access testuser dir?

        Reply
    10. Hi,

      I have some access problem

      [[email protected] Xia]# chown testuser:testuser /home/testuser/public_html
      chown: invalid user: `testuser:testuser’
      [[email protected] Xia]# chmod 755 /home/tesuser/public_html
      chmod: cannot access `/home/tesuser/public_html’: No such file or directory
      [[email protected] Xia]#

      Need help please

      Reply
      • Hi,

        So it looks like, that you don’t have testuser. I used this testuser just an example here…so if your username is example doufanat then you should use doufanat instead of testuser.

        Reply
        • Hi JR

          Thanks a lot, I’ve finished enabling Apache userdirs and it succeed, but the problem with the test remote connection till remain.

          How to check my Apache error_logs? how to check either the port is open or not.

          Best

          Reply
          • Hi Doufanat,

            Actually you don’t need Apache error_logs anymore if yoy get userdirs working… :)

            First check, you could run following command:

            
            iptables -L
            

            Then next thing is ensure that you have own and public ip address?

            Reply
    11. Hi JR

      This is result of iptables -L

      [[email protected] Xia]# iptables -L
      Chain INPUT (policy ACCEPT)
      target prot opt source destination
      ACCEPT all — anywhere anywhere state RELATED,ESTABLISHED
      ACCEPT icmp — anywhere anywhere
      ACCEPT all — anywhere anywhere
      ACCEPT tcp — anywhere anywhere state NEW tcp dpt:ssh
      ACCEPT tcp — anywhere anywhere state NEW tcp dpt:http
      REJECT all — anywhere anywhere reject-with icmp-host-prohibited

      Chain FORWARD (policy ACCEPT)
      target prot opt source destination
      REJECT all — anywhere anywhere reject-with icmp-host-prohibited

      Chain OUTPUT (policy ACCEPT)
      target prot opt source destination
      [[email protected] Xia]#

      Do I need

      Reply
      • You iptables rules looks good, but then next thing is have public ip, if you want open your server to whole world or lan ip, if you want open your server locally?

        Reply
    12. FYI, in my case, I had to modify the UserDir settings I found in /etc/httpd/conf/httpd.conf. Following your instructions and creating a userdir.conf file was overriden by the defaults in httpd.conf.

      Reply
    13. Thank you for your tutorial, I couldn’ find much out explaining how to do this. Right now I am having this problem after running the command

      setsebool -P httpd_enable_homedirs true

      I get

      “-bash: setsebool: command not found”

      I am running Centos 6.0, what could be causing the issue?

      Thanks

      Reply
      • Hi Nicholas,

        Could you post output of following commands:

        
        rpm -qa *selinux* *policy* |sort
        
        ls -la /usr/sbin/setsebool
        
        whereis setsebool
        

        CentOS 6.0 should not be a problem…

        Reply
    14. I keep getting a 403 Forbidden saying I don’t have permission to access this…can you help me?

      Reply
      • Hi Alice,

        What system you are running?

        Could you post output of following commands:

        
        ls -la /home
        
        ls -la ~/ |grep public_html
        
        ls -laZ ~/public_html/
        
        Reply
    15. Hi, followed your instructions, but when I go to localhost/~testuser (or in my case localhost/~elijah) I just get a not found page:

      Not Found

      The requested URL /~elijah was not found on this server.

      Apache/2.2.22 (Fedora) Server at localhost Port 80

      Reply
      • I have the same problem as you. Everything else has worked fine so far. PHP and Apache itself seem fine. I can access the php test page from other computers on my local network but when I go to localhost/~testuser (localhost/~rick) I get the same thing.

        Not really sure where to start looking to fix this.
        I got no errors on anything in the setup process.

        Reply
        • Well I seem to have found my problem.

          Double check to make sure your settings in the userdir section of your httpd.conf file are correct.

          Great guides by the way. Very clear and easy to follow.

          Reply
1 2 3

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Close