Patrick Chiang wrote:
If you use system-config-securitylevel, these booleans get a better translation. It probably would beDear all,
I'm new to SELinux, hopefully my question is not a FAQ, I've googled around for a while but still no clues at all.
while I run sestatus, I found these messages...
allow_ypbind inactive httpd_disable_trans inactive httpd_enable_cgi active httpd_enable_homedirs active httpd_ssi_exec active httpd_unified active named_disable_trans inactive named_write_master_zonesinactive
some of them are easy to understand, but the rest phrases, such as named_disable_trans, httpd_unified, are
rather difficult.
a good idea to use the translation table in s-c-sl for this tool. (Put it on my todo list. :^))
SERVICE_disable_trans - if active means that the SERVICE will run without SELinux protection,
so if I can not get apache to run under SELinux I could specify
setsebool -P httpd_disable_trans 1
And then restart httpd, it will now run under unconfined_t instead of httpd_t.
httpd_unified - tells policy to treat all files marked as httpd content the same way.
So httpd and freiends can read/write/execute all content.
Does anybody know how to decode these?
TIA,
Patrick
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-selinux-list
