diff options
| author |  Henry <hf.nospam@free.fr>
| 2018-03-18 10:06:02 +0100 |
|---|---|---|
| committer | Henry <hf.nospam@free.fr>
| 2018-03-18 10:06:02 +0100 |
| commit | a0a5ec8daf3888b3e317f002fdd0281299a64cf4 (patch) | |
| tree | 7343ef22a70238f05a62be9bb3aae1b4d0fbc66f /docs | |
| parent | 84d891f8cf43e4bb097a8b05a85dfeb4c48bd215 (diff) | |
Selinux FAQ
Command to run on SELinux system enabled
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/en/users/07_Frequently_Asked_Questions.md | 22 | ||||
| -rw-r--r-- | docs/fr/users/07_Frequently_Asked_Questions.md | 18 |
2 files changed, 39 insertions, 1 deletions
diff --git a/docs/en/users/07_Frequently_Asked_Questions.md b/docs/en/users/07_Frequently_Asked_Questions.md index 132b2e7ec..08148ef98 100644 --- a/docs/en/users/07_Frequently_Asked_Questions.md +++ b/docs/en/users/07_Frequently_Asked_Questions.md @@ -43,4 +43,24 @@ Since [1.8.0](https://github.com/FreshRSS/FreshRSS/releases/tag/1.8.0) release, ```sh ./cli/update_user.php --user <username> --password <password> ``` -For more information on that matter, there is a [dedicated documentation](../../cli/README.md).
\ No newline at end of file +For more information on that matter, there is a [dedicated documentation](../../cli/README.md). + +## Permissions under SELinux + +Some Linux distribution like Fedora or RedHat Enterprise Linux have SELinux system enabled. This acts like a firewall application, so all applications cannot write/modify files under certain conditions. While installing FreshRSS, step 2 can fail if the httpd process cannot write to the following directories : + + - FreshRSS/data + - FreshRSS/data/cache + - FreshRSS/data/favicons + - FreshRSS/data/users + +The following commands should be executed as root : + +```sh +semanage fcontext -a -t httpd_sys_rw_content_t '/usr/share/FreshRSS/data +semanage fcontext -a -t httpd_sys_rw_content_t '/usr/share/FreshRSS/data/cache' +semanage fcontext -a -t httpd_sys_rw_content_t '/usr/share/FreshRSS/data/users' +semanage fcontext -a -t httpd_sys_rw_content_t '/usr/share/FreshRSS/data/favicons' + +restorecon -Rv /usr/share/FreshRSS/data +```
\ No newline at end of file diff --git a/docs/fr/users/07_Frequently_Asked_Questions.md b/docs/fr/users/07_Frequently_Asked_Questions.md index f27c92579..b86d01e4f 100644 --- a/docs/fr/users/07_Frequently_Asked_Questions.md +++ b/docs/fr/users/07_Frequently_Asked_Questions.md @@ -44,3 +44,21 @@ Depuis la version [1.8.0](https://github.com/FreshRSS/FreshRSS/releases/tag/1.8. ./cli/update_user.php --user <username> --password <password> ``` Pour plus d'information à ce sujet, il existe la [documentation dédiée](../../cli/README.md). + +## Gérer les permissions sous SELinux + +Certaines distributions Linux comme Fedora ou RedHat Enterprise Linux (RHEL) activent par défaut le système SELinux. Celui-ci permet de gérer des permissions au niveau des processus. Lors de l'installation de FreshRSS, l'étape 2 procède à la vérification des droits sur certains répertoires: + + - FreshRSS/data + - FreshRSS/data/cache + - FreshRSS/data/favicons + - FreshRSS/data/users + +Il faut donc exécuter les commandes suivantes en tant que root : +```sh +semanage fcontext -a -t httpd_sys_rw_content_t '/usr/share/FreshRSS/data +semanage fcontext -a -t httpd_sys_rw_content_t '/usr/share/FreshRSS/data/cache' +semanage fcontext -a -t httpd_sys_rw_content_t '/usr/share/FreshRSS/data/users' +semanage fcontext -a -t httpd_sys_rw_content_t '/usr/share/FreshRSS/data/favicons' + +restorecon -Rv /usr/share/FreshRSS/data |