Bug 461064

Summary: setroubleshoot browser gives bad suggestion with nfs mounted home dir and public_html
Product: Red Hat Enterprise Linux 5 Reporter: Thomas Cameron <tcameron>
Component: setroubleshoot-pluginsAssignee: Daniel Walsh <dwalsh>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: low Docs Contact:
Priority: medium    
Version: 5.2CC: dpal, dwalsh, nalin
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-03-25 17:31:05 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Thomas Cameron 2008-09-03 22:06:45 UTC
Description of problem:
Installed RHEL 5.2 64-bit on an AMD dual core 64-bit white box machine with 4GB memory.  Mounted /home over NFS.  Set up httpd.conf to set up to allow user directories via ~/public_html.

I ran:

setsebool -P use_nfs_home_dirs=1

as root, fired up Apache and got was still unable to view a user's personal web page.  I got an selinux alert via the setroubleshoot browser in GNOME which told me to run the command:

setsebool -P httpd_use_nfs=1

I ran that from the command line and I got back:

libsemanage.dbase_llist_set: record not found in the database
libsemanage.dbase_llist_set: could not set record value
Could not change boolean httpd_use_nfs
Could not change policy booleans

I asked dwalsh on IRC and he said "Looks like setroubleshoot-plugins is out of sync with rhel5."

Version-Release number of selected component (if applicable):
setroubleshoot-plugins-2.0.4-2.el5

Comment 1 Thomas Cameron 2008-09-03 23:02:53 UTC
Sorry, didn't finish up.

What I wound up doing was actually issuing the command:

setsebool -P httpd_enable_homedirs=on

The setroubleshoot browser should have reported that as a solution instead.

Comment 2 Daniel Walsh 2009-10-23 12:34:07 UTC
Thomas if you update to the RHEL5.4 policy, httpd_us_nfs should be present.