This article describes the SELinux configuration for a VIMP webhosting. It´s been tested under Red Hat 6 + 7 but should work with any Linux distribution.
We assume that the VIMP installation folder is
/var/www/html/
First we install some tools.
yum install -y policycoreutils-python-utils yum install -y setroubleshoot
We configure the VIMP directories for SELinux with the following commands.
semanage fcontext -a -t httpd_sys_content_t "/var/www/html(/.*)?" semanage fcontext -a -t httpd_log_t "/var/www/html/log(/.*)?" semanage fcontext -m -t httpd_sys_rw_content_t "/var/www/html/log(/.*)?" semanage fcontext -a -t httpd_cache_t "/var/www/html/cache(/.*)?" semanage fcontext -m -t httpd_sys_rw_content_t "/var/www/html/cache(/.*)?" semanage fcontext -a -t httpd_cache_t "/var/www/html/web/cache(/.*)?" semanage fcontext -m -t httpd_sys_rw_content_t "/var/www/html/web/cache(/.*)?" semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/userdata(/.*)?" semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/web/images(/.*)?" semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/plugins(/.*)?" setsebool -P httpd_can_network_connect on
And in a final step set the labels for the directories and make the rules persistent:
restorecon -Rv /var/www/html
That´s it and apache2/httpd should deliver your VIMP website immediately after reloading it.
