Context Setting Centos (SELLinux)
Because of Centos is SELinux (Security Enhanced Linux) beside the standard access control, file context setting is used. This can prevent application to access files.
List Context Setting
Use ls -Z to list context settings.
Context Setting for Apache
The main issue for DrawMGT, that httpd (apache) can not access files, if
- they are moved e.g from /home to /var/www/html
- they are under /home
See more information on Controlling and Maintaining SELinux.
To allow to access files by httpd under /var/www/html (or under the appropriate directory at a deeper level) use:
restorecon -R /var/www/html
as root. To allow to use files by httpd under /home, use the chcon command in the appropriate directory. E.g.
chcon -R -t httpd_sys_content_t /home/wiki
See the online manuals for more information. (man restorecon, man chcon)
Context settings of the directory '''.ssh'''
To allow to login without password the ssh_home_t context should be added to the directory .ssh:
chcon -R -t ssh_home_t .ssh
Context settings for '''logrotate'''
To allow to work logrotate correctly set the user to system_u:
chcon -u system_u /etc/logrotate.d/DrawMGT
Copying a whole Centos System
The same problem occurs if, for example, the whole root filesystem is copied by rsync to an other partition. After booting from the new partition everything will seem to be OK, but it will not be possible to login. Start CentOS in single user mode (add kernel parameter "1" at GRUB menu) and use the the following command to repair to whole filesystem:
restorecon -R /