Tuesday, October 22, 2019

Configure SELinux Policies for Web Server Write Permission

To allow web server to write into some file or directory in the linux file system when SELinux is enable, we need to set SELinux Policies, first install policycoreutils-python:


# yum install policycoreutils-python

And then for every file or directory which web server has write access, set the policy:


# semanage fcontext -a -t httpd_sys_rw_content_t "/path/to/directory(/.*)?"

With above command, "/path/to/directory" and sub directory will have httpd_sys_rw_content_t context, which allow http to write into file or directory.