On Tue, 2004-11-16 at 12:35, Daniel J Walsh wrote: > Joe Orton wrote: > > >httpd_t *cannot* write to anything labelled with httpd_sys_content_t by > >default, surely - that's the whole problem? > > Policy has been updated to allow this. Please update to > selinux-policy-targeted-1.17.30-2.26 or greater. I can't find this allow rule in 1.17.30-2.34. I've used apol direct and transitive information flow analysis and good ol' grep to no avail. Before I post a very long message detailing everything I did, can someone tell me how httpd_t has gained write allow for httpd_sys_content_t? FWIW, I finally set the boolean in apache.te and recompiled policy, but still can't find the write. thx - Karsten -- Karsten Wade, RHCE, Tech Writer a lemon is just a melon in disguise http://people.redhat.com/kwade/ gpg fingerprint: 2680 DBFD D968 3141 0115 5F1B D992 0E06 AD0E 0C41
