3

I'm having some issues with SELINUX.

When trying to visit my website I get 403 forbidden from nginx and the server pops up with an error and says to use grep NGINX /var/log/audit/audit.log | audit2allow -M mypol which i did however,

when trying to load the page it now says Access Denied and asks to use the command grep PHP-FPM /var/log/audit/audit.log | audit2allow -M mypol and when I do this it then reverts back to 403 forbidden access and asks me to use the first command again.

It's as if grep NGINX overwrites php-fpm and vice verse. How would solve this without disabling selinux?

I have access to the gnome desktop on my server and the SELinux security alert tells me to use the commands to solve the issue and the first command does solve it but then throws up another issue and when using the second command it overwrites the first and back to square one. I know that if i disable selinux it will work but it's unsafe and put's the server at risk.

Thanks.

Crafty Mc
  • 101
  • 7
  • Exactly what are you talking about? Who is telling you to run what commands? – Michael Hampton Feb 26 '15 at 18:17
  • 1
    The server error log, I have access to the gnome desktop on my server and the SELinux security alert tells me to use the command to solve the issue and it does solve it but then throws up another issue and when using the second command it overwrites the first and back to square one. I know that if i disable selinux it will work but it's unsafe and put's the server at risk. – Crafty Mc Feb 26 '15 at 18:21
  • You should have posted these details in your original question. Please edit it. – Michael Hampton Feb 26 '15 at 18:22
  • 1
    I thought it was kind of self explanatory considering i said the issue was SELinux so one would assume that the commands came from SELinux. Thanks for nothing though. – Crafty Mc Feb 26 '15 at 18:28
  • You have only posted a summary of what you think the messages were telling you. Again, you need to post the actual data. If you are not being helped, it is because your question needs improvement. I certainly can't log in to your system to read it for myself! – Michael Hampton Feb 26 '15 at 18:30
  • 1
    There isn't any data. The issue is exactly what it says on the tin. I can't post screen shots and Iv'e submitted the commands that I was given. Not sure what more information i could provide.. – Crafty Mc Feb 26 '15 at 18:39

1 Answers1

4

Figured it out, for anyone else with the same issue, 403 forbidden access and selinux security error use this command on your servers root

restorecon -r /srv/www/domain.com

Fixed it for me and now everything is running as it should.

Crafty Mc
  • 101
  • 7