SELinux support todo list

This is a ticket to remind me of the things needed to make Virtualmin work happily with SELinux. It is mostly stuff that needs to go into

setsebool -P httpd_read_user_content 1 setsebool -P httpd_enable_homedirs 1

Figure out how to get files like: fcgi-bin/php5.fcgi set to the right context. It gets set to immutable during domain creation, which makes it impossible to change the context, which breaks Apache restarts.


chattr -i /home/domain/fcgi-bin/php5.fcgi restorecon -v /home/domain/fcgi-bin/php5.fcgi chattr +i /home/domain/fcgi-bin/php5.fcgi

suexec needs permission to execute php5.fcgi (and every other cgi or fcgi script?) Tons of policy additions...found in virtualminpolicy.te on the new server. Will need a virtualmin policy packaged up, and maybe a Webmin or Cloudmin policy, as well.