summaryrefslogblamecommitdiffstats
path: root/README-SELinux.md
blob: 32ce880852b1ed1634d293fd04fffde31837b2de (plain) (tree) 
5337e3d





























1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29





























                                                                              
If your system has SELinux enabled, you must enable the `httpd_enable_cgi`
boolean:

    # setsebool -P httpd_enable_cgi 1

Additionally, the git repositories need to be accessible to cgit.  This is
handled automatically for repositories in the default path, `/var/lib/git`.

If you have created `/var/lib/git` manually or have existing content in that
directory, you may need to run `restorecon` to reset the SELinux context:

    # restorecon -RF /var/lib/git

If your repositories are in a different path, `/srv/git`, for example, you can
set the proper context using `semanage`:

    # semanage fcontext -a -e /var/lib/git /srv/git

This sets the context of `/srv/git` equal to the default context of
`/var/lib/git`.

If you have other confined daemons that need to access the git repositories,
you may want to use `public_content_t` or `public_content_rw_t` instead:

    # semanage fcontext -a -t public_content_t "/srv/git(/.*)?"

Then use `restorecon` to update the contexts:

    # restorecon -RF /srv/git
generated by cgit (git 2.34.1) at 2024-09-16 19:45:10 +0000