Farkas Levente wrote:
hi,
is anyone try to use gosa with selinux?
since gosa try to write into /var/spool/gosa directory which has var_spool_t type and by default it can write into this directory. what is the prefered why to enable write for gosa into this directory? should i simple change /var/spool/gosa to httpd_sys_script_rw_t? it's working but i don't know what is the right solution.
another question how can i add this attrib to the gosa rpm for /var/spool/gosa?
yours.
Yes that is a good solution.
chcon -R -t httpd_sys_script_rw_t /var/spool/gosa
If you are using rawhide you can just add
/var/spool/gosa(/.*)? system_u:object_r:httpd_sys_script_rw_t to /etc/selinux/targeted/contexts/files/file_contexts.local
And then RPM will pick it up on install. We have not back ported this to FC3/RHEL4 yet.
and how can i add this attrin to the rpm? in the rpm there is an empty /var/spool/gosa directory. should i do a
chcon -R -t httpd_sys_script_rw_t /var/spool/gosa
during the rpm build section and the rpm automaticaly will include the attribs? or what is the prefered way to include file attribs in the rpm packages?
thanks in advance.
yours.
-- Levente "Si vis pacem para bellum!"
