Hey list!
1st, thanks to all the help I've gotten over time from the list. Stay safe everyone!!
I'm finally jumping into deploying selinux on a test system.
My use case:
To create a test local VM
To fire up httpd/mysql on the VM
To create a couple of test users on the VM
Create a test static website under /var/www/html/cat
using index.html
aa.php
I've already got the VM, test users, httpd, etc.. And things run with selinux disabled.
Now it's time to take the jump, and engage selinux!
My selinux needs:
to setup selinux attributes/security to allow apache/httpd
to run correctly
to allow the httpd to handle/process the index.html
to allow the httpd to handle/process the aa.php
also, say I create test user 'bob'
'bob' will have a dir /home/bob
I want 'bob' to be able to create/edit files,
and to be able to copy files, to read/write/delete
files into the /var/www/html/cat dir structure
I've looked through numerous docs/sites and see a bunch of stuff.
But I really don't want to screw this up, given that I realize that
messing this up can be painful to try to figure out what I did
wrong.
So:
I'm trying to figure out what I need to do for selinux for the
user 'bob'
I'm trying to figure out what I need to do for selinux for the
apache/httpd process
Trying to understand what I need to do to allow user 'bob'
access to change the /var/www/html/cat dirs..
Thoughts/Comments are more than welcome
ps:
Once I get the basic above things working, I'll be expanding
to handle mysql processes, as well as allowing external
dev/test servers to update the 'prod' system.
1st, thanks to all the help I've gotten over time from the list. Stay safe everyone!!
I'm finally jumping into deploying selinux on a test system.
My use case:
To create a test local VM
To fire up httpd/mysql on the VM
To create a couple of test users on the VM
Create a test static website under /var/www/html/cat
using index.html
aa.php
I've already got the VM, test users, httpd, etc.. And things run with selinux disabled.
Now it's time to take the jump, and engage selinux!
My selinux needs:
to setup selinux attributes/security to allow apache/httpd
to run correctly
to allow the httpd to handle/process the index.html
to allow the httpd to handle/process the aa.php
also, say I create test user 'bob'
'bob' will have a dir /home/bob
I want 'bob' to be able to create/edit files,
and to be able to copy files, to read/write/delete
files into the /var/www/html/cat dir structure
I've looked through numerous docs/sites and see a bunch of stuff.
But I really don't want to screw this up, given that I realize that
messing this up can be painful to try to figure out what I did
wrong.
So:
I'm trying to figure out what I need to do for selinux for the
user 'bob'
I'm trying to figure out what I need to do for selinux for the
apache/httpd process
Trying to understand what I need to do to allow user 'bob'
access to change the /var/www/html/cat dirs..
Thoughts/Comments are more than welcome
ps:
Once I get the basic above things working, I'll be expanding
to handle mysql processes, as well as allowing external
dev/test servers to update the 'prod' system.
_______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
