• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Copying content & SELinux

T

tino

Basic Pleskian
For some sites, I have manually copied site content to the httpdocs folder of the site.

For example;

mv -R /tmp/mysite/* /var/www/vhosts/mydomain.com/httpdocs
chown -R myaccount:psacln /var/www/vhosts/mydomain.com/httpdocs
Click to expand...

Now, in the browser, I get an http 403 (forbidden).

If I disable SELinux (e.g. setenforce 0) everything works. If I re-enable SELinux (e.g. setenforce 1) it stops working again.

I know this works:

chcon -R -t httpd_sys_content_t /var/www/vhosts/*/httpdocs/
chcon -R -t httpd_sys_content_t /var/www/vhosts/*/subdomains/
Click to expand...

What's the 'best practice' here?

Tino
 
Last edited:
'Best practice' is using default settings for SELinux defined in special package psa-selinux. This package modifies the SE-Linux predefined policies configurations to allow Plesk to perform its actions.
 
Tino,

Use cp instead then delete since mv does not maintain the context.

Use cp -pZ

This will preserve the owner and timestamps, and maintain the selinux context.
 
Thanks for the insight.

Since the files are coming from another machine, I guess that cp -pZ wouldn't make that much different, right? Because there are no special permissions to preserve...
But I will try it!

IgorG; Any ideas what these SELinux settings in psa-selinux are, so that I can set them after a cp/mv?

Thanks all!

Tino
 
Hi Tino,

Is this other machine online? Why not use rsync?

rsync -qaruX

You can always rsync --help for the syntax.

If there is a bunch of files to do that will work just nicely.

I use rsync on my server as I split off my ipv6 into a separate site, and I use it to copy any content added from either the ipv4 or ipv6 site. You can probably drop some option from the rsync as this was to only copy changed or content that the timestamp is later for. However run as root it will maintain the user/group and all the context.

It's worthwhile fixing the context, don't drop selinux . I always see guides saying set enforcing to off and I shudder! If your ever stuck, let me know as it's easy to generate local selinux policy if your getting audits you can't fix, don't just disable httpd in Boolean
 
I definitely do not want to turn off SELinux. :)

Thanks for the information. I had to do this kind of stuff migration off of Parallels Pro. The Migration Wizard won't work, so I copied all the content over etc. A real pain...

Thanks!

Tino
 
If your ever got selinux issues let me know. It's so easy to make a local rule if you need to tweak some things from the audits. Beats just turning off stuff in Boolean.

Let me know also if your got context issues with the files. You can wildcard them with chcon I needed.
 
You must log in or register to reply here.

Similar threads

E
Issue Urgent :( open_basedir problem
Replies
5
Views
950
manni
M
I
Issue Problems with Open-Basedir and .htaccess (Plesk Obsidian 18.0.68 Web Pro Edition on Debian 12.9)
Replies
3
Views
485
scsa20
scsa20
propz
Question Best way to include persistent Docker data in Plesk Backups?
Replies
0
Views
249
propz
propz
Stergios G
Question symbolic link, not working
Replies
7
Views
1K
Raul A.
R
C
Issue Scan does not find existing wordpress site
Replies
2
Views
472
Kaspar
K
Back
Top