Submitted by vstoykov on Thu, 01/26/2017 - 14:41
Nginx does not work with SELinux, because Webmin/Virtualmin is using non-standard directories and other problems.
Here is how to fix this:
# semanage fcontext -a -t httpd_log_t "/var/log/virtualmin(/.*)?"
# setsebool -P httpd_read_user_content on
# echo "module nginxfix 1.0;
require {
type httpd_t;
type var_t;
type initrc_t;
class sock_file write;
class unix_stream_socket connectto;
}
#============= httpd_t ==============
allow httpd_t initrc_t:unix_stream_socket connectto;
allow httpd_t var_t:sock_file write;" > /tmp/nginxfix.te
# checkmodule -M -m -o /tmp/nginxfix.mod /tmp/nginxfix.te
# semodule_package -o /tmp/nginxfix.pp -m /tmp/nginxfix.mod
# semodule -i /tmp/nginxfix.pp
Reported also here: https://sourceforge.net/p/webadmin/bugs/4881/
Status:
Active
Comments
Submitted by JamieCameron on Thu, 01/26/2017 - 19:01 Comment #1
I'd recommend turning off SElinux for now - we haven't qualified the Virtualmin Nginx support with it at all.