Re: rsync and selinux

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 01/07/2013 03:59 AM, lhecking@xxxxxxxxxxxxxxxxxxxxx wrote:
>   Big mistake. Most or all services with config files under /etc could
>   no longer read their config files, including ssh. It looks like the selinux
>   type was substituted rather than added? Thankfully, I was able to recover.

Yes, I believe that you added a new file context rule to the 
configuration, and that rule had precedence over the system policy. 
Files have just one context.

>   What is the correct way to give rsync full access to everything under
>   selinux?

The easiest way is to use rsync over ssh, rather than rsync as a daemon. 
  As long as you aren't running it as a daemon, I don't believe that 
it's confined.

Also, run rsync with -v to get more information about what's being 
skipped and why, and run 'tail -f /var/log/audit/audit.log' while you 
rsync to make sure that there aren't AVCs logged.  If there aren't AVCs, 
it's probably not an SELinux problem.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux