Red Hat Knowledgebase

Disabling SELinux protection for individual programs like Apache is only recommended when you are modifying Apache in a manner that does not work well with SELinux. After disabling SELinux protection for Apache you will need to restart any httpd daemons which were started with SELinux protections. To acomplish this you should be able to run service httpd restart.

You can do this by using the Security Level Configuration Tool.

To start the application, select Applications => System Settings => Security level or type the command system-config-securitylevel level from a shell prompt. Select the SELinux tab in the window and click on Disable SELinux protection for httpd daemon checkbox under the category SELinux Service Protection. Click on the OK button. The changes made using this tool are immediate and do not require any further SELinux activities. You will, however, need to restart any httpd daemons which were started with SELinux enforcement active.

You can also use the following command to to disable SELinux protection for Apache. This change will also be persistant across reboots. After running the command do not forget to restart the httpd daemon.

setsebool -P httpd_disable_trans 1 

Alternatively, you can also edit the file /etc/selinux/targeted/booleans and set the value httpd_disable_trans=1. You will need to either run

setsebool httpd_disable_trans 1 

or reboot the machine for this to take effect.

For more information see the SELinux users guide.