> -----Original Message-----
> From: centos-bounces@xxxxxxxxxxx [mailto:centos-bounces@xxxxxxxxxxx]
On
> Behalf Of James B. Byrne
> Sent: Wednesday, March 16, 2005 1:26 PM
> To: CentOS discussion and information list
> Subject: Re: [Centos] CentOS4 SELinux and Mailman
>
> I have stepped through the selinux authentication process with
> mailman and the following work-around resolves the issue locally.
> However, this or its equivalent probably should be rolled in to an
> updated selinux-policy-targeted rpm for CentOS.
>
> 1. Install selinux-policy-targeted-sources
>
> 2. edit /etc/selinux/targeted/src/policy/domains/misc/local.te
>
> 3. Add the following lines to local.te
>
> allow mailman_cgi_t file_t:dir search;
> allow mailman_cgi_t file_t:dir write;
> allow mailman_cgi_t file_t:dir add_name;
> allow mailman_cgi_t file_t:dir create;
> allow mailman_cgi_t file_t:file create;
> allow mailman_cgi_t file_t:file { getattr write };
> allow mailman_cgi_t file_t:file read;
> allow mailman_cgi_t file_t:lnk_file create;
>
> 4. cd /etc/selinux/targeted/src/policy
>
> 5. make reload
>
> 6. http://<your server here>/mailman/create now works
This brings up an important question in my mind. My understanding has
been that CentOS is a strict reproduction of RHAS, with the exception of
all RedHat specific branding, graphics, etc, excepting yum of course.
Are additions or modifications such as this made to CentOS that aren't
in the equivalent RHAS packages? If so, how are they tracked and are
they distinguished in the Release Notes?
Thanks!
marc
