All websites are down after changing virtual hosts' location when SELinux in the enforcing mode

Symptoms

• All websites are down after changing virtual hosts' location when SELinux in the enforcing mode:

  # getenforce
  Enforcing

• The following rows can be found in /var/log/audit/audit.log:

  CONFIG_TEXT: type=AVC msg=audit(1497589270.824:43672): avc: denied
  { read } for pid=24968 comm="/usr/sbin/httpd" name=".htaccess" dev="vda1" ino=26584342 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:default_t:s0 tclass=file

• The next rows can be found in /var/log/messages:

  CONFIG_TEXT: pod8 python: SELinux is preventing fail2ban-server from search access on the directory /home/vhosts/system.#012#012**** Plugin catchall (100. confidence) suggests *************************#012#012If you believe that fail2ban-server should be allowed search access on the system directory by default.#012Then you should report this as a bug.#012You can generate a local policy module to allow this access.#012Do#012allow this access for now by executing:#012# ausearch -c 'fail2ban-server' --raw | audit2allow -M my-fail2banserver#012# semodule -i my-fail2banserver.pp#012

Cause

This is an internal issue with ID #PPPM-6521, which is planned to be fixed in future product updates.

Resolution

As a workaround, set SELinux to permissive mode prior to changing vhosts' location:

# setenforce permissive