Unnamed document

食言、信口开河将会对两人的关系造成不可弥补的破坏,甚至也许是关系破裂的开始。
我希望永远不要再这样了,对自己爱的人。

宝贝生日快乐

陪宝贝度过的第一个生日

哭哭啼啼的度过了

宝贝为了让我好好睡觉,假装开心的陪我到这么晚,她应该还会去看一会儿小埋才肯去睡

宝贝情感洁癖严重,希望下辈子能让宝贝慢慢释怀

很爱你,宝贝,愿意跟你不离不弃

Modifying SElinux configure for allowing nginx reverse proxy local site

Read about audit2allow and used it to create a policy to allow access to the denied requests for nginx.

    [root]# sudo cat /var/log/audit/audit.log | grep nginx | grep denied | audit2allow -m nginxlocalconf > nginxlocalconf.te
    [root]# cat nginxlocalconf.te 
    
    module nginxlocalconf 1.0;
    
    require {
        type httpd_t;
        type var_t;
        type transproxy_port_t;
        class tcp_socket name_connect;
        class file { read getattr open };
    }
    
    #============= httpd_t ==============
    
    #!!!! This avc can be allowed using the boolean 'httpd_can_network_connect'
    allow httpd_t transproxy_port_t:tcp_socket name_connect;
    allow httpd_t var_t:file { read getattr open };
    [root]# sudo cat /var/log/audit/audit.log | grep nginx | grep denied | audit2allow -M nginxlocalconf
    ******************** IMPORTANT ***********************
    To make this policy package active, execute:
    
    semodule -i nginxlocalconf.pp
    
    [root]# semodule -i nginxlocalconf.pp

To allow http server to connect local DB, like mysql, do as fllows:

# setsebool -P httpd_can_network_connect 1
# setsebool -P httpd_can_network_connect_db 1

To allow nginx(or apache, php-fpm, etc...) to write/read some dir, do as fllows:

semanage fcontext -a -t httpd_sys_rw_content_t "/path(/.*)?"
restorecon -r /path

see kuddusic.wordpress.com


How to fix permission denied under Linux with SELinux:
update-wordpress-with-selinux-enabled
install-wordpress-centos-7

暂别上海

今天来收拾打扫办公室,被办公室其他团队抛弃的一盆小草让我犯难了,就是这个
572D64D2-7568-4BEF-88FD-68D25922B488.jpeg

我自己当时养的一棵盆栽已经送给了庆庆,这棵盆栽不是我养的但办公室另一个团队走了之后我就成了他的继父。
把它放到楼梯口又留了个纸条后回来继续打扫办公室发现它有一条小小的根已经扎到了地板缝里,突然感觉好……
3A05117A-FB91-4D44-8320-8AD4EEE6B34A.jpeg