selinux與lamp問題解決

今天在完善我之前寫的LAMP做加速和優化時，所有完成在啓動httpd是提示如下：

[root@localhost modules]# /etc/init.d/httpd restart
Syntax error on line 232 of /usr/local/apache2/conf/httpd.conf:
Cannot load /usr/local/apache2/modules/libphp5.so into server: /usr/local/apache2/modules/libphp5.so: cannot restore segment prot after reloc: Permission denied

通過查看selinux日誌：

type=AVC msg=audit(1294050945.203:51): avc:  denied  { execmod } for  pid=22778 comm="httpd" path="/usr/local/apache2/modules/libphp5.so" dev=dm-5 ino=1212536 scontext=root:system_r:unconfined_t:s0-s0:c0.c1023 tcontext=system_u:object_r:lib_t:s0 tclass=file
type=SYSCALL msg=audit(1294050945.203:51): arch=40000003 syscall=125 success=no exit=-13 a0=d17000 a1=5dd000 a2=5 a3=bfb25590 items=0 ppid=22776 pid=22778 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=2 comm="httpd" exe="/usr/local/apache2/bin/httpd" subj=root:system_r:unconfined_t:s0-s0:c0.c1023 key=(nul

得知要改 /usr/local/apache2/modules/libphp5.so 的context值，goole+baidu半天得知：

[root@localhost modules]# chcon -c -v -R -u system_u -r object_r -t textrel_shlib_t /usr/local/apache2/modules/libphp5.so

再次啓動，問題解決！

[root@localhost modules]# /etc/init.d/httpd restart

抓緊時間完成我的加速和優化