
[OCLUG-Tech] SELinux in RPM and targeted mode

Regarding the discussion on SELinux and restoring the file context on site PHP
files when in enforcing mode:

One thing I couldn't help thinking, and was tempted to comment on, is: the admin
should not have to do that by default when you have a properly packaged RPM
file.

Did you try from the RPM?

I was not privy to whether the DokuWiki install is by tarball or RPM. But in newer
Red Hat EL with the targeted policy you can enforce per service and have it add
the required context during installation.

So in modern CentOS at least, this should be a non-issue if using RPM,
unless the packager has made a mistake and omitted the file context in the RPM
spec file header. This might be a Bugzilla/feature request item then.

What I am not clear on is whether this works in enforcing mode or not. It's good
of the people at U of O to keep the secure defaults, even despite potentially
disgruntled users of the image, if only to raise awareness of this
important Linux pedagogical subject in the user community. The risk is
people saying "Linux is a hassle with all this SELinux or the like" and
switching to another EXE-based installer platform. Not true.

There should be a linked FAQ that suggests they use an SELinux-enabled
software install or, as on this list, follow the guidance from sealert. Myself, I
claim no expertise, but rather have seen many sites force it to permissive
to avoid hassle up front.

The LPIC-1 and RHCE guides also detail which default contexts apply to
httpd. But as usual, there is not nearly the required time to tinker with it all.

They should keep it enforcing by default, or at least consider "targeted" mode.
They might get fewer support calls to IT if they use targeted.


[1] SELinux faq - "If the policy shipping with an application package
changes in a way that requires relabeling, will RPM handle relabeling the
files owned by the package?"

https://docs.fedoraproject.org/en-US/Fedora/13/html/SELinux_FAQ/index.html#id3202962


[2] CentOS 6 RPM package: dokuwiki

http://rpm.pbone.net/index.php3/stat/4/idpl/23718441/dir/centos_6/com/dokuwiki-2011.05.25a-10.3.noarch.rpm.html


Thanks,
Allan ("Out Here") Fields
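Added example (editor's, not from Allan's post, the DokuWiki package or the Fedora/CentOS policy): an offline emulation of the check that `matchpathcon` and `restorecon -n -v` perform, so the "does the admin have to relabel?" question above can be reasoned through without an SELinux box. It parses a constructed excerpt in file_contexts(5) syntax and a constructed listing of current labels. The paths under /var/www/html/dokuwiki and the placement of the data and conf directories are assumptions, not the real RPM's layout; httpd_sys_content_t and httpd_sys_rw_content_t are the targeted policy's read-only and read-write web content types. The two mislabelled files carry user_home_t, which is what a tarball unpacked in a home directory keeps when it is mv'd into the web root, whereas rpm labels the files it installs from the loaded policy's file_contexts.

```python
"""Offline emulation of matchpathcon / restorecon -n -v.

Added example, not code from the mailing-list post or from DokuWiki.
Assumed layout: DokuWiki under /var/www/html/dokuwiki with writable data/
and conf/ directories.  Real packages may install elsewhere.
"""
import re

# Constructed excerpt in file_contexts(5) syntax: <regex> [<file-type flag>] <context>.
# Order matters: when several regexes match a path, the LAST entry wins, so the
# specific dokuwiki rules (and anything `semanage fcontext -a` appends to
# file_contexts.local) override the generic /var/www entry.
FILE_CONTEXTS = """\
/var/www(/.*)?                        system_u:object_r:httpd_sys_content_t:s0
/var/www/html/dokuwiki/data(/.*)?     system_u:object_r:httpd_sys_rw_content_t:s0
/var/www/html/dokuwiki/conf(/.*)?  -- system_u:object_r:httpd_sys_rw_content_t:s0
"""

# Constructed current labels, one "<context> <path>" per line (adapt the split
# if your ls -Z prints extra columns).  conf/ and data/ were mv'd in from a
# home directory and still carry user_home_t.
LS_Z = """\
system_u:object_r:httpd_sys_content_t:s0     /var/www/html/dokuwiki/doku.php
system_u:object_r:httpd_sys_content_t:s0     /var/www/html/dokuwiki/lib/exe/css.php
unconfined_u:object_r:user_home_t:s0         /var/www/html/dokuwiki/conf/local.php
unconfined_u:object_r:user_home_t:s0         /var/www/html/dokuwiki/data/pages/start.txt
"""

# regex, optional file-type flag (--, -d, -b, -c, -l, -p, -s), security context
SPEC_RE = re.compile(r"^(\S+)\s+(?:(-[-bcdlps])\s+)?(\S+)$")


def parse_file_contexts(text):
    """Return [(compiled_regex, ftype_flag_or_None, context)] in file order."""
    specs = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        m = SPEC_RE.match(line)
        if not m:
            raise ValueError(f"bad file_contexts line: {line!r}")
        pattern, ftype, context = m.groups()
        specs.append((re.compile(pattern), ftype, context))
    return specs


def context_type(context):
    """'system_u:object_r:httpd_sys_content_t:s0' -> 'httpd_sys_content_t'."""
    return context.split(":")[2]


def expected_type(path, specs):
    """Type the policy wants for `path`, or None when no entry covers it.
    Regexes are anchored to the whole path; the last matching entry wins.
    The file-type flag is parsed but ignored here (the listing is all files)."""
    wanted = None
    for regex, _ftype, context in specs:
        if regex.fullmatch(path):
            wanted = context_type(context)
    return wanted


def parse_ls_z(text):
    """Return [(path, current_type)] from a '<context> <path>' listing."""
    entries = []
    for line in text.splitlines():
        if line.strip():
            context, path = line.split()
            entries.append((path, context_type(context)))
    return entries


def find_mislabelled(listing, specs):
    """[(path, current_type, expected_type)] for every file whose label differs
    from the policy's expectation: what `restorecon -n -v` would report."""
    out = []
    for path, current in listing:
        wanted = expected_type(path, specs)
        if wanted is not None and wanted != current:
            out.append((path, current, wanted))
    return out


def restore_commands(mismatches):
    """Per-file relabel commands; `restorecon -Rv <dir>` does the same in bulk."""
    return [f"restorecon -v {path}" for path, _cur, _want in mismatches]


def fcontext_rule(pattern, setype):
    """Persistent fix when the policy has no entry at all for a path: add one
    (it lands in file_contexts.local, after the base entries), then restorecon."""
    return f'semanage fcontext -a -t {setype} "{pattern}"'


if __name__ == "__main__":
    specs = parse_file_contexts(FILE_CONTEXTS)
    bad = find_mislabelled(parse_ls_z(LS_Z), specs)
    for path, cur, want in bad:
        print(f"{path}: {cur} -> {want}")
    print("\n".join(restore_commands(bad)))
```

Run stand-alone it reports conf/local.php and data/pages/start.txt as needing httpd_sys_rw_content_t. This is also why a tarball install behind enforcing mode looks "broken" (httpd cannot write user_home_t) while an RPM whose paths are already covered by the policy, or which ships its own fcontext rule and runs restorecon over its directories in %post, needs no manual step; if neither is true, that is the packaging bug Allan suggests filing.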