Using Fedora 20 3.11.10-301.fc20.x86_64 and selinux targeted policy.29 I've a PHP application that sends data to a USB tty device e.g. /dev/usbDataCollector Unfortunately selinux is blocking this action. When set to permissive, the alert browser suggests the command: setsebool -P daemons_use_tty 1 The documentation says Allow all daemons the ability to use unallocated ttys. This naturally doesn't sound like a good idea although admittedly it probably won't hurt in this particular installation. However, I thought it would be good to find the 'correct' solution to this. But I am unable to find a more fine grain SELinux control for this, Fedora 20 has no documentation and the only vaguely relevant one I could find elsewhere is httpd_tty_com which appears unrelated as it is about allow httpd to communicate with terminal. So the question is whether there is any way to do this or is allowing all daemons the only option? -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
