WebSpellChecker LLC, 38 Nauky Ave., Kharkiv, 61166, Ukraine, Tel.: +1 (917) 259-1071
Fax +1 (917) 259-1074. ©2000- WebSpellChecker LLC. All Rights Reserved.
SELinux defines the access and transition rights of every user, application, process, and file on the system. SELinux then governs the interactions of these entities using a security policy that specifies how strict or lenient a given Red Hat Enterprise Linux installation should be.
As you may understand basic installation of WebSpellChecker does not intend for such secured environment that is why the additional configuration is required.
Once the basic installation has been performed you can proceed to SELinux configuration as explained below:
You can access terminal with root credentials at once or add “sudo” command before each command in order to execute a command as root user.
*First of all, you should define the security context of WebspellChecker installation folder “WSC” by marking the extended attributes with the appropriate security context:
sudo /sbin/restorecon -R -v /opt/WSC
-R - recursively changed security context of WSC folder and all subfolders
-v - to explain what has been done
sudo /usr/sbin/setsebool -P httpd_can_network_connect=1
-P - all pending values are written to the boolean file on disk
You can see that mentioned script has following (by default) context type: default_t. If we start our web browser and try to view the page, SELinux will properly deny access and log the error because the file has the wrong security context. We need to set the correct security context type of httpd_sys_content_t by executing of the following command:
sudo chcon -t httpd_sys_content_t /opt/WSC/WebComponents/WebInterface/script/ssrv.fcgi
Please note that starting the WebSpellChecker version 4.9.3 we use FastCGI instead of CGI. For versions less than 4.9.3. you need to use ssrv.cgi during executing the 'chcon' command.
SELinux configuration has been completed successfully and you can proceed to evaluate of WebSpellChecker solution.
Feel free to post any comments or suggestions to Technical support.