转载自:https://www.jianshu.com/p/491817981a32
临时关闭selinux
setenforce 0 # 关闭 Selinux
setenforce 1 # 开启 Selinux
临时关闭以后,此时nginx就可以访问了
永久关闭selinux
永久关闭需要重启才能生效
编辑vim /etc/selinux/config[root@localhost]# vim /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
#SELINUX=enforcing
SELINUX=disabled
# SELINUXTYPE= can take one of three two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
允许nginx 白名单
yum install policycoreutils-python
cat /var/log/audit/audit.log | grep nginx | grep denied | audit2allow -M mynginx
semodule -i mynginx.pp
作者:liurongming
链接:https://www.jianshu.com/p/491817981a32
来源:简书
著作权归作者所有。商业转载请联系作者获得授权,非商业转载请注明出处。