Description of problem:
I have a php web application that uses sqlite. The program lives in
my $HOME/public_html/ directory. The sqlite database file is in this
directory. So, I need to allow apache to write to the
$HOME/public_html directory in order have it update the database. I
used the selinux-apache document to get as far as I did, but this
inability to write to the public_html directory caused me to set
selinux to 'warn' only. This is probably something that would fit
well in this document.
I'm assigning this to Karsten since he is working with Colin on this
PHP kind of throws a wrench into our original design; because it runs
in-process, it requires httpd_t to have direct write access to
Does this need an FAQ entry for FC4 or FC5?
Reassigning, please evaluate for usage, or close as WONTFIX.
With strict policy, this will require a policy change, as there is no type that
allows apache/php write access as well as user_t. For targeted, this can get
httpd_sys_script_rw_t, just like the other php script FAQ (possibly merged), and
the user in unconfined_t can still access it.
Addressed in cvs