Nginx on Fedora with SELinux
Jeffrey Walton
noloader at gmail.com
Mon Nov 18 21:34:12 UTC 2024
Hi Everyone,
I'm trying to install Nginx on Fedora 41 with SELinux in enforcing
mode. In my case, the document root is /var/www/html (for historic
reasons). I added /etc/nginx/conf.d/webserver.conf, and specified my
document root. I chown'd -R /var/www to root:nginx. I also chmod'd -R
o-rwx /var/www. Visiting the web server resulted in a 403 [due to
SELinux].
According to /etc/nginx/nginx.conf, the Ngnix document root is
/usr/share/nginx/html. So I `ls -Z /usr/share/nginx/html` and found
the SELinux context of system_u:object_r:httpd_sys_content_t:s0. I
chcon'd -R system_u:object_r:httpd_sys_content_t:s0 /var/www. Visiting
the web server succeeded.
So I am not at the point where I need to make it permanent. But I am
also at the limits of my SELinux knowledge.
Does anyone know how to make the change survive a restorecon or reboot
(and not break things, like the default Nginx install or SELinux
rules)?
Thanks in advance.
Jeff
More information about the nginx
mailing list