Bug 901356

Description of problem:
SELinux is preventing /usr/sbin/httpd from 'write' accesses on the directory /var/www/html/wp-content/uploads/2013/01.

*****  Plugin restorecon (48.3 confidence) suggests  *************************

If you want to fix the label. 
/var/www/html/wp-content/uploads/2013/01 default label should be httpd_sys_rw_content_t.
Then you can run restorecon.
Do
# /sbin/restorecon -v /var/www/html/wp-content/uploads/2013/01

*****  Plugin httpd_write_content (48.3 confidence) suggests  ****************

If you want to allow httpd to have write access on the 01 directory
Then you need to change the label on '/var/www/html/wp-content/uploads/2013/01'
Do
# semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/wp-content/uploads/2013/01'
# restorecon -v '/var/www/html/wp-content/uploads/2013/01'

*****  Plugin catchall_boolean (4.32 confidence) suggests  *******************

If you want to unify HTTPD handling of all content files.
Then you must tell SELinux about this by enabling the 'httpd_unified' boolean.You can read 'httpd_selinux' man page for more details.
Do
setsebool -P httpd_unified 1

*****  Plugin catchall (0.97 confidence) suggests  ***************************

If you believe that httpd should be allowed write access on the 01 directory by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep httpd /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

Additional Information:
Source Context                system_u:system_r:httpd_t:s0
Target Context                unconfined_u:object_r:httpd_sys_content_t:s0
Target Objects                /var/www/html/wp-content/uploads/2013/01 [ dir ]
Source                        httpd
Source Path                   /usr/sbin/httpd
Port                          <Unknown>
Host                          (removed)
Source RPM Packages           httpd-2.4.3-12.fc18.x86_64
Target RPM Packages           
Policy RPM                    selinux-policy-3.11.1-67.fc18.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     (removed)
Platform                      Linux (removed) 3.6.10-4.fc18.x86_64 #1 SMP Tue
                              Dec 11 18:01:27 UTC 2012 x86_64 x86_64
Alert Count                   6
First Seen                    2013-01-17 21:29:20 EST
Last Seen                     2013-01-17 22:09:57 EST
Local ID                      9b943291-6534-43b8-bb4f-72215ea9ff0b

Raw Audit Messages
type=AVC msg=audit(1358478597.965:8514): avc:  denied  { write } for  pid=4337 comm="httpd" name="01" dev="dm-1" ino=398558 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=dir


type=SYSCALL msg=audit(1358478597.965:8514): arch=x86_64 syscall=open success=no exit=EACCES a0=7ff446ae3fc0 a1=241 a2=1b6 a3=7364616f6c70752f items=0 ppid=24051 pid=4337 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm=httpd exe=/usr/sbin/httpd subj=system_u:system_r:httpd_t:s0 key=(null)

Hash: httpd,httpd_t,httpd_sys_content_t,dir,write

audit2allow

#============= httpd_t ==============
#!!!! This avc can be allowed using the boolean 'httpd_unified'

allow httpd_t httpd_sys_content_t:dir write;

audit2allow -R

#============= httpd_t ==============
#!!!! This avc can be allowed using the boolean 'httpd_unified'

allow httpd_t httpd_sys_content_t:dir write;


Additional info:
hashmarkername: setroubleshoot
kernel:         3.6.10-4.fc18.x86_64
type:           libreport

Potential duplicate: bug 666142