Last days I have lost some hours debugging a interesting problem. After setting up RANCID a SVN repository and ViewVC, ViewVC did not show the SVN branch and changed configs etc. Initially I my thought was it is a syntax problem. Since the last CentOS installation I have made 5 years ago, many thing have changed. Mostly small things. Still it took me around 4h of working why ViewVC did not display the repository. The reason for it was SElinux which is enabled per default on Red Hat based distributions.
The failure message I have sighted after hours in /var/log/messages:
May 30 13:23:04 linux kernel: type=1400 audit(1464607384.915:4): avc: denied { getattr } for pid=930 comm="httpd" path="/var/rancid/CVS/format" dev=sda1 ino=263848 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:var_t:s0 tclass=file
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
Finally the SELINUX policy had to be changed from enforcing to disabled This is something I have not noticed since the last CentOS based system have been installing was CentOS 5. Looks the SELINUX policy for CentOS has been changed in that time.