AD GIT SELinux RHEL 6 : Can not get SELinux to allow connetion to git

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by Johan Sörell on Server Fault See other posts from Server Fault or by Johan Sörell
Published on 2012-10-05T15:02:20Z Indexed on 2012/10/05 15:40 UTC
Read the original article Hit count: 444

Filed under:
|
|
|
|

I have a problem with SELinux!

I have installed git on Red Hat Enterprise 6 with AD group control and SSL Cert . Everything works fine if I do setenforce 0 ( set SELinux in detection only mode ) or if I do semanage permissive -a httpd_t (Set httpd_t in detection only mode)

I do not want to use this on my git production server.

Is there anyone out there who can help we with SELinux?

Below is some info that you might need to be able to help me:

All help I can get would be apriciated:

This is the output of ls -lZa /preproduction/git/repositories/

ls -lZa /preproduction/git/repositories/
drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_rw_content_t:s0 .
drwxr-xr-x. apache apache unconfined_u:object_r:file_t:s0  ..
drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_rw_content_t:s0 playground
drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_rw_content_t:s0 shamrock.git
drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_rw_content_t:s0 test

Here is the out put of getsebool -a |grep -i httpd

getsebool -a |grep -i httpd
allow_httpd_anon_write --> off
allow_httpd_mod_auth_ntlm_winbind --> off
allow_httpd_mod_auth_pam --> off
allow_httpd_sys_script_anon_write --> off
httpd_builtin_scripting --> on
httpd_can_check_spam --> off
httpd_can_network_connect --> off
httpd_can_network_connect_cobbler --> off
httpd_can_network_connect_db --> off
httpd_can_network_memcache --> off
httpd_can_network_relay --> off
httpd_can_sendmail --> off
httpd_dbus_avahi --> on
httpd_enable_cgi --> on
httpd_enable_ftp_server --> off
httpd_enable_homedirs --> off
httpd_execmem --> off
httpd_read_user_content --> off
httpd_setrlimit --> off
httpd_ssi_exec --> off
httpd_tmp_exec --> off
httpd_tty_comm --> on
httpd_unified --> on
httpd_use_cifs --> off
httpd_use_gpg --> off
httpd_use_nfs --> off

Tis is the status of : sestatus

sestatus
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 24
Policy from config file:        targeted

© Server Fault or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about active-directory

Related posts about httpd

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle