I have a centos 7 server running Apache 2.4 that will happily allow users to download files until they get to a certain size. I've noticed the problem with mp4 video files; I host both low and full resolution files on the site. The low res files are usually less than 5 MB but the full res files can exceed 30 MB. The same script processes and copies them to the website and I can verify all the file permissions are the same. If I change SELinux to setenforce=0 the files will download without issue. While SELinux is enforcing, apache returns a Forbidden error instead.
Any thoughts on what SELinux policy I need to adjust?
Best Answer
Thanks for the suggestion to use audit2allow, tilleyc. It turns out the video file was 'mislabeled' on my system and the base type was listed as an 'unlabeld_t'. After using the restorecon command, the files were accessible through the webserver. I'll have to do a little more testing to see why the error initially happened but audit2allow pointed me in the right direction. Thanks!