On Wed, 2005-03-16 at 13:41 -0600, Marc Powell wrote:
>
> > -----Original Message-----
> > From: centos-bounces@xxxxxxxxxxx [mailto:centos-bounces@xxxxxxxxxxx]
> On
> > Behalf Of James B. Byrne
> > Sent: Wednesday, March 16, 2005 1:26 PM
> > To: CentOS discussion and information list
> > Subject: Re: [Centos] CentOS4 SELinux and Mailman
> >
> > I have stepped through the selinux authentication process with
> > mailman and the following work-around resolves the issue locally.
> > However, this or its equivalent probably should be rolled in to an
> > updated selinux-policy-targeted rpm for CentOS.
> >
> > 1. Install selinux-policy-targeted-sources
> >
> > 2. edit /etc/selinux/targeted/src/policy/domains/misc/local.te
> >
> > 3. Add the following lines to local.te
> >
> > allow mailman_cgi_t file_t:dir search;
> > allow mailman_cgi_t file_t:dir write;
> > allow mailman_cgi_t file_t:dir add_name;
> > allow mailman_cgi_t file_t:dir create;
> > allow mailman_cgi_t file_t:file create;
> > allow mailman_cgi_t file_t:file { getattr write };
> > allow mailman_cgi_t file_t:file read;
> > allow mailman_cgi_t file_t:lnk_file create;
> >
> > 4. cd /etc/selinux/targeted/src/policy
> >
> > 5. make reload
> >
> > 6. http://<your server here>/mailman/create now works
>
> This brings up an important question in my mind. My understanding has
> been that CentOS is a strict reproduction of RHAS, with the exception of
> all RedHat specific branding, graphics, etc, excepting yum of course.
> Are additions or modifications such as this made to CentOS that aren't
> in the equivalent RHAS packages? If so, how are they tracked and are
> they distinguished in the Release Notes?
>
> Thanks!
>
> marc
If something is changed in CentOS-4, it will have a .centos4 in the
package name. There is a change note in the changelog that explains
what has changed. (The exception being the kernel, which is changed and
not labeled .centos4 because the name needs to remain the same for
compatibility.
I think that if this is a required change for mailman, it will be an FAQ
entry and a forum post and not a package change. But we may post it to
the RH bugzilla if it is applicable there.
We do not normally change packages to fix upstream bugs unless it is not
functional without the change.
Thanks for the fix though ... we need people to fix issues and provide
solutions whenever possible :)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.caosity.org/pipermail/centos/attachments/20050316/d128386e/attachment.bin
