= Context Setting Centos (SELLinux) =

Because of Centos is SELinux (Security Enhanced Linux) beside the standard access control, file 
context setting is used. This can prevent application to access files.

== List Context Setting ==

Use ''ls -Z'' to list context settings.

== Context Setting for Apache ==

The main issue for DrawMGT, that httpd (apache) can not access files, if
 * they are moved e.g from /home to /var/www/html
 * they are under /home

See more information on [[http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/selinux-guide/rhlcommon-chapter-0017.html|Controlling and Maintaining SELinux]].

To allow to access files by httpd under /var/www/html (or under the appropriate directory at a deeper level) use: 

  {{{
restorecon -R /var/www/html
  }}}

as '''root'''. To allow to use files by httpd under /home, use the '''chcon''' command in the appropriate directory. E.g. 

  {{{
chcon -R -t httpd_sys_content_t /home/wiki
  }}}

See the online manuals for more information. (''man restorecon'', ''man chcon'')

== Context settings of the directory '''.ssh''' ==

To allow to login without password the ''ssh_home_t'' context should be added to the directory '''.ssh''':

  {{{
chcon -R -t ssh_home_t .ssh
  }}}

== Context settings for '''logrotate''' ==

To allow to work '''logrotate''' correctly set the user to '''system_u''':

  {{{
chcon -u system_u /etc/logrotate.d/DrawMGT
  }}}

== Copying a whole Centos System ==

The same problem occurs if, for example, the whole root filesystem is copied by ''rsync'' to an other partition. After booting from the new partition everything will seem to be OK, but it will not be possible to login. Start CentOS in single user mode (add kernel parameter "1" at GRUB menu) and use the the following command to repair to whole filesystem:

  {{{
restorecon -R /
  }}}