Knowledge Base

CentOS

Details
Parent Category: Servers
Category: CentOS

At first grub boot prompt, you have 4sec to pres: [e]

grub-menu.JPG

Does not matter which grub kernel you choose as we are not really modifying the kernel.

With your [e] key just choose to edit the first one

add at the end the word "single", like so:

<YTABLE=us crashkernel=auto rhgb quiet single

centos-kernel-edit-to-single-user.JPG

and press [enter]

Back at the Grub menu press [b] to boot.
When the prompt comes up we are in single user mode

centos-single-user-mode.JPG

In this mode we are not required to authenticate and we can go ahead and reset the password by typing at the prompt:

[[email protected] /]# passwd

setting-root-passwrod-centos.JPG

retype the password to confirm and the root password has been changed,

do a shutdown by typing:

shutdown -r now

 

Details
Parent Category: Servers
Category: CentOS

Fixing the original problem

So we want to serve our files at /var/www/html and enable writing to log files and file uploads as well? Let’s play nice with SELinux.

First, copy the files as usual to /var/www/html, then set the proper ownership and permissions.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
# Ownership
sudo chown apache:apache -R /var/www/html
cd /var/www/html
 
# File permissions, recursive
find . -type f -exec chmod 0644 {} \;
 
# Dir permissions, recursive
find . -type d -exec chmod 0755 {} \;
 
# SELinux serve files off Apache, resursive
sudo chcon -t httpd_sys_content_t /var/www/html -R
 
# Allow write only to specific dirs
sudo chcon -t httpd_sys_rw_content_t /var/www/html/logs -R
sudo chcon -t httpd_sys_rw_content_t /var/www/html/uploads -R

httpd_sys_content_t – for allowing Apache to serve these contents and httpd_sys_rw_content_t – for allowing Apache to write to those path.

You may use the 'sestatus' command to view the current SELinux status:

# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 21
Policy from config file:        targeted

The 'setenforce' command may be used to switch between Enforcing and Permissive modes on the fly but note that these changes do not persist through a system reboot.

To make changes persistent through a system reboot, edit the 'SELINUX=' line in  /etc/selinux/config  for either 'enforcing', 'permissive', or 'disabled'. For example: 'SELINUX=permissive'