lemonldap-ng/doc/sources/admin/selinux.rst
Maxime Besson 2054799baf Move cache directory to /var/cache (#2254)
In order to avoid namespace issues, and for better compliance with the
FHS.

Only the default configs are changed.
2020-08-10 15:15:32 +02:00

47 lines
607 B
ReStructuredText

SELinux
=======
To make LemonLDAP::NG work with SELinux, you may need to set up some
options.
Disk cache (sessions an configuration)
--------------------------------------
::
chcon -R -t httpd_sys_rw_content_t /var/cache/lemonldap-ng
To persist the rule:
::
semanage fcontext -a -t http_sys_content_t /var/cache/lemonldap-ng
LDAP
----
::
setsebool -P httpd_can_connect_ldap 1
Databases
---------
::
setsebool -P httpd_can_network_connect_db 1
Memcache
--------
::
setsebool -P httpd_can_network_memcache 1
Proxy HTTP
----------
::
setsebool -P httpd_can_network_relay 1