I set up a new development environment using the recently released CentOS v6.1. For various reasons I prefer to switch off SELinux for the Apache Webserver. Coming from CentOS 5.x, I expected to be able to do this via the well known setsebool -P httpd_disable_trans 1. Much to my surprise, SELinux insisted on not knowing that boolean.
After some research, it looks like a change in upstream RHEL means using the semanage helper is now the way to achieve this*:
semanage permissive -a httpd_t
In case you cannot find it: It's in the policycoreutils-python package.
Please keep in mind that this is not a safe setting for production environments.
*) Well, not really. It just sets the mode for the httpd module from enforcing to permissive. I couldn't find a way to disable SELinux selectively without disabling it entirely via SELINUX=0 as kernel param. Still, this will allow you to do what you want.
Update: Looks like SE approves
Why not write new policies for httpds operations?
SE is a good thing.
2011-12-19 10:26 pm