These pesky SeLinux commands that are just impossible to remember
We need some tools
yum install policycoreutils-python -y
Non-default location for homedirs
# say user dyzio comes from AD/LDAP and lives under /users/d/dyzio
mkdir -p /users/{a..z} # precreate home_root_t
chcon -t home_root_t /users
semanage fcontext -a -t home_root_t "/users(/.*)?"
restorecon -R -v /users
# if you need to autocreate home dirs you'll need
yum install -y oddjob-mkhomedir
# and for AD users "usepasswd=True" in this file
vim /etc/selinux/semanage.conf
# this will check user entry in ldap and set correct security context "user_home_t" on user home
Samba
semanage fcontext -a -t samba_share_t "/srv/shared(/.*)?" restorecon -R -v /srv/shared
Apache
setsebool -P httpd_can_sendmail on
Assign the appropriate Selinux security context to our custom web app directories. This grants Apache permissions to access them.
chcon -Rv --type=httpd_sys_content_t /webapps/apps/app1/public_html chcon -Rv --type=httpd_sys_content_t /webapps/logs/app1/
