On 07/30/2012 09:38 AM, Steven Stern issued this missive::
On 07/30/2012 11:06 AM, Mark Haney wrote:
On 07/30/2012 11:26 AM, Steven Stern wrote:
If you copied files from some other directory into pics, then they
probably brought along their existing context. Go back to
/var/www/html
and try "sudo restorecon -r *".
I've attached the full output of the troubleshooter just in case I
managed not to include everything needed.
Run restorecon as suggested by the troubleshooter.
Yep, that did it. Sometimes I wonder if the devs of SELinux are sane.
They're sane. You have to understand just what they're trying to
accomplish and there's a lot of stuff to try to protect from. Try
looking at a grsec'd system if you want some "least privilege"
complexity.
It would be nice if there were a cp option to adopt the context of the
target. Currently, -Z requires that you set the context. I suppose it's
a good idea to keep you from shooting yourself in the foot by coping a
file that shouldn't be visible on a web site.
You can use "--preserve=context" to maintain the SELinux context of the
source file. You can't adopt the context of the target since you're
overwriting it. Makes sense if you think about it.
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer, AllDigital ricks@xxxxxxxxxxxxxx -
- AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 -
- -
- Any sufficiently advanced technology is indistinguishable from a -
- rigged demo. -
----------------------------------------------------------------------
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
