summaryrefslogtreecommitdiffstats
path: root/README.SELinux
diff options
context:
space:
mode:
authorRemi Collet <remi@remirepo.net>2018-08-24 09:02:23 +0200
committerRemi Collet <remi@remirepo.net>2018-08-24 09:02:23 +0200
commitd0dff73e8fdfad7591475740b23b97a8df223cc8 (patch)
tree256d14544c81c5f5686ab70ac9d35642bb4193a6 /README.SELinux
parentcc38aafd7035d56c34c7447362a60f0695597a6b (diff)
sync with fedora spec (epel7)
Diffstat (limited to 'README.SELinux')
-rw-r--r--README.SELinux21
1 files changed, 21 insertions, 0 deletions
diff --git a/README.SELinux b/README.SELinux
new file mode 100644
index 0000000..1f63c62
--- /dev/null
+++ b/README.SELinux
@@ -0,0 +1,21 @@
+If you use SELinux, you need to ensure that the httpd_enable_cgi boolean is
+set properly. This can be done via the command line, e.g.:
+
+ # setsebool -P httpd_enable_cgi 1
+
+Or you can use the graphical tool system-config-selinux, via System ->
+Administration -> SELinux Management on the Gnome menu.
+
+Additionally, the git repositories need to be readable by the cgi. This is
+handled automatically for repositories in the default path, /var/lib/git. If
+your repositories are in a different path, /srv/git, for example, you can set
+the proper context using semanage:
+
+ # semanage fcontext -a -t @CGIT_CONTEXT@ "/srv/git(/.*)?"
+
+If you have other confined daemons that need to access the git repositories,
+you may want to use public_content_t, or public_content_rw_t instead.
+
+Then use restorecon to update the contexts:
+
+ # restorecon -RF /srv/git