Description of problem: SELinux is preventing httpd from 'write' accesses on the directory /var/www/html. ***** Plugin httpd_write_content (92.2 confidence) suggests *************** If you want to allow httpd to have write access on the html directory Then you need to change the label on '/var/www/html' Do # semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html' # restorecon -v '/var/www/html' ***** Plugin catchall_boolean (7.83 confidence) suggests ****************** If you want to allow httpd to unified Then you must tell SELinux about this by enabling the 'httpd_unified' boolean. You can read 'None' man page for more details. Do setsebool -P httpd_unified 1 ***** Plugin catchall (1.41 confidence) suggests ************************** If you believe that httpd should be allowed write access on the html directory by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep httpd /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:httpd_t:s0 Target Context system_u:object_r:httpd_sys_content_t:s0 Target Objects /var/www/html [ dir ] Source httpd Source Path httpd Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages httpd-filesystem-2.4.12-1.fc22.noarch Policy RPM selinux-policy-3.13.1-122.fc22.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 4.0.4-301.fc22.x86_64 #1 SMP Thu May 21 13:10:33 UTC 2015 x86_64 x86_64 Alert Count 2 First Seen 2015-09-15 13:36:33 IRDT Last Seen 2015-09-15 13:36:45 IRDT Local ID 5020de69-9a1d-4b03-bae2-ef72caf67309 Raw Audit Messages type=AVC msg=audit(1442308005.930:777): avc: denied { write } for pid=28734 comm="httpd" name="html" dev="sda6" ino=2096011 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=dir permissive=0 Hash: httpd,httpd_t,httpd_sys_content_t,dir,write Version-Release number of selected component: selinux-policy-3.13.1-122.fc22.noarch Additional info: reporter: libreport-2.5.1 hashmarkername: setroubleshoot kernel: 4.0.4-301.fc22.x86_64 type: libreport Potential duplicate: bug 666142
What module does it cause? The alert tells you what do.