On Tue, 2005-03-22 at 10:48 -0500, Stephen Smalley wrote:
> This suggests that your filesystem isn't labeled. Touch /.autorelabel
> and reboot, or manually boot single-user and run /sbin/fixfiles relabel.
I've done that, and it does seem to have fixed the problems with named
and dhcpd. At least, there are no more avc messages.
However, it seems to have disabled my web server. I guess this is
because I'm strange and prefer the web root to be /web, not /var/www.
I have tried adding lines (below) into apache.fc and then running 'make'
in src/policy, but it didn't help.
HOME_DIR/((www)|(web)|(public_html))(/.+)?
system_u:object_r:httpd_ROLE_content_t
/web(/.*)? system_u:object_r:httpd_sys_content_t
/web/cgi-bin(/.*)?
system_u:object_r:httpd_sys_script_exec_t
/var/www(/.*)? system_u:object_r:httpd_sys_content_t
/var/www/cgi-bin(/.*)?
system_u:object_r:httpd_sys_script_exec_t
I later tried adding the audit2allow lines to apache.te and running
make, but that failed too.
allow httpd_t default_t:dir { getattr search };
allow httpd_t default_t:file { getattr read };
allow httpd_t default_t:lnk_file read;
What am I doing wrong?
Ruth
--
Ruth Ivimey-Cook <ruth@xxxxxxxxxx>
