Bug 461064 - setroubleshoot browser gives bad suggestion with nfs mounted home dir and public_html
setroubleshoot browser gives bad suggestion with nfs mounted home dir and pub...
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: setroubleshoot-plugins (Show other bugs)
All Linux
medium Severity low
: rc
: ---
Assigned To: Daniel Walsh
Depends On:
  Show dependency treegraph
Reported: 2008-09-03 18:06 EDT by Thomas Cameron
Modified: 2010-03-25 13:31 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2010-03-25 13:31:05 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Thomas Cameron 2008-09-03 18:06:45 EDT
Description of problem:
Installed RHEL 5.2 64-bit on an AMD dual core 64-bit white box machine with 4GB memory.  Mounted /home over NFS.  Set up httpd.conf to set up to allow user directories via ~/public_html.

I ran:

setsebool -P use_nfs_home_dirs=1

as root, fired up Apache and got was still unable to view a user's personal web page.  I got an selinux alert via the setroubleshoot browser in GNOME which told me to run the command:

setsebool -P httpd_use_nfs=1

I ran that from the command line and I got back:

libsemanage.dbase_llist_set: record not found in the database
libsemanage.dbase_llist_set: could not set record value
Could not change boolean httpd_use_nfs
Could not change policy booleans

I asked dwalsh on IRC and he said "Looks like setroubleshoot-plugins is out of sync with rhel5."

Version-Release number of selected component (if applicable):
Comment 1 Thomas Cameron 2008-09-03 19:02:53 EDT
Sorry, didn't finish up.

What I wound up doing was actually issuing the command:

setsebool -P httpd_enable_homedirs=on

The setroubleshoot browser should have reported that as a solution instead.
Comment 2 Daniel Walsh 2009-10-23 08:34:07 EDT
Thomas if you update to the RHEL5.4 policy, httpd_us_nfs should be present.

Note You need to log in before you can comment on or make changes to this bug.