How to set selinux policy "allow httpd_t unconfined_t:shm { unix_read unix_write }; " using an seboolean? (How to get a new seboolean?)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Hi.  I'm trying to get OTRS running on CentOS 5.5 with SELinux enabled,
and audit.log / audit2allow tell me I need to add the local policy:


#============= httpd_t ==============
allow httpd_t unconfined_t:shm { unix_read unix_write };

which I think will allow the httpd access to read and write from shared memory?
Is that right?  What are the risks involved in opening this?  I notice it is
denied by the default policy.

To simplify configuration management, I would prefer to make this setting
using /usr/sbin/setseebool, but I don't see an sebool that deals with shm...

How do I request one?  (And whom do I ask?)

Thanks,
-at
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux