SELinux – Permissão arquivos

Padrão

You can check the current SELinux permissions with the following command:

ls -lZ

You can set SELinux permissions with the following command:

chcon unconfined_u:object_r:httpd_user_content_t:s0

You can use a wildcard to change all files in a directory like so:

chcon unconfined_u:object_r:httpd_user_content_t:s0 *

You can set permissions to all files and directories recursively using this (this is the command that will likely fix your permission issue, you should avoid 777 like then plague):

chcon -R unconfined_u:object_r:httpd_user_content_t:s0 *

If you wish to use home directories to serve sites or applications, you need to issue this command:

setsebool -P httpd_enable_homedirs=1

I have had issues with fsockopen on centos with Selinux and I had to use the following (the -P makes this change permanent, you will liekly need this command also):

setsebool -P httpd_can_network_connect 1

You can see what flags are set on HTTPD with:

sestatus

 

FTP Server – vsftpd

Padrão

Instalação de Servidor FTP no CentOS 7

yum install vsftpd
chkconfig vsftpd on
Editar o arquivo: /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
chroot_local_user=YES
allow_writeable_chroot=YES
pasv_enable=Yes
pasv_min_port=40000
pasv_max_port=40100
 systemctl restart vsftpd.service
firewall-cmd --permanent --add-service=ftp
firewall-cmd --reload
setsebool -P ftp_home_dir on
setsebool -P allow_ftpd_full_access 1
useradd -m USUARIO -s /sbin/nologin
passwd USUARIO