Selinux on Chris Irwin

Sharing Host Files With KVM

Tue, 10 Mar 2020 23:06:27 -0400

Adventures with sharing host files with a KVM VM using 9p and libvirt with SELinux.

Snapperd on Fedora with SELinux enabled

Wed, 14 Sep 2016 21:46:01 +0000

Snapper is an excellent utility that provides hourly snapshots of btrfs subvolumes.

Fedora ships with selinux enabled by default. This is excellent, and shouldn’t be disabled. To allow this, most software in Fedora has appropriate rules defined, including snapper.

However, snappers rules only allow it to work on / and /home. If you wish to use it to snapshot /mnt/data, or /srv, or any other particular path, you’re going to have a very bad time.

SELinux and apache (httpd)

Thu, 15 Jan 2015 03:54:27 +0000

I’ve just built a new web server vm, basically identical to my mariadb one, and the fedora cloud image. This is documentation on how I configured it, as well as the ttrss update daemon.

To get nfs to work, install nfs-utils. I need some packages also for ttrss.

$ yum install nfs-utils httpd php php-mysql php-mbstring php-xml

I’m putting the web root on an nfs mount from my nas. I have multiple virtualhosts.

SELinux and mariadb (mysql)

Thu, 15 Jan 2015 03:28:41 +0000

I’ve just built a new mysql server vm, using the instructions I posted previously. This is documentation on how I configured it.

To get nfs to work, install nfs-utils.

$ yum install nfs-utils httpd mariadb mariadb-server

I’m putting the database on an nfs mount from my nas. Socket files can’t exist on nfs. It’s easier to move the data than the socket file (I think I hit an selinux issue with socket access).