On Sun, 26 Jun 2005, Ivan Gyurdiev wrote: > On Sun, 2005-06-26 at 01:13 -0400, James Z. Li wrote: > > How did u relabel bb.html and bb2.html? > > Did you change the apache.fc file to label the files and dirs > > under /home/bb/bb/www, followed by "make load" and > > then "setfiles" / "restorecon"? > > > It should not be necessary to change policy to > label httpd content, as this type is marked customizable > (therefore it survives a restorecon). > > Can you check and make sure /home/bb/bb/www is marked > httpd_*_content_t, and not user_home_t... (pocono pts16) # la -Z /home/bb/bb/www drwxr-xr-x bb bb root:object_r:httpd_sys_content_t . drwxr-xr-x bb bb root:object_r:user_home_t .. -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bb-ack.sh -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bb-hist.sh -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bb-histlog.sh -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bb-hostsvc.sh -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bb-rep.sh -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bb-replog.sh -rw-rw-r-- bb bb user_u:object_r:user_home_t bb.html -rw-rw-r-- bb bb user_u:object_r:user_home_t bb2.html drwxr-xr-x bb bb root:object_r:httpd_sys_content_t gifs drwxr-xr-x bb bb root:object_r:httpd_sys_content_t help drwxr-xr-x bb bb root:object_r:httpd_sys_content_t html -rw-r--r-- bb bb root:object_r:httpd_sys_content_t index.html drwxr-xr-x bb bb root:object_r:httpd_sys_content_t newbldg drwxr-xr-x bb bb root:object_r:httpd_sys_content_t notes drwxrwxr-x bb apache root:object_r:httpd_sys_content_t rep drwxr-xr-x bb bb root:object_r:httpd_sys_content_t reynolds drwxr-xr-x bb bb root:object_r:httpd_sys_content_t rogueind drwxr-xr-x bb bb root:object_r:httpd_sys_content_t routers drwxr-xr-x bb bb root:object_r:httpd_sys_content_t xo (pocono pts16) # The bb.html and bb2.html files are created every time bb polls the machines (every 5 minutes). I have tried doing chcon -t httpd_sys_content_t bb?.html on them but they always change back. Do I have to do something with the bb daemon itself? Here is what how the binaries are labeled: (pocono pts16) # la -Z /home/bb/bb/bin drwxr-xr-x bb bb root:object_r:httpd_sys_content_t . drwxr-xr-x bb bb root:object_r:user_home_t .. -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bb -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bb-combo.sh -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bb-display.sh -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bb-mailack.sh -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bb-network.sh -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bb-ping.sh -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bbd -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bbmv -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bbmv.DIST -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bbnet -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bbprune -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bbprune.DIST -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bbrm -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bbrm.DIST -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bbrun -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t bbstat -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t dumphostsvc -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t getipaddr -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t getipaddr.sh -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t sendmsg -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t sendsms -rwxr-xr-x bb bb root:object_r:httpd_sys_content_t touchtime (pocono pts16) # Regards, Tom Diehl tdiehl@xxxxxxxxxxxx Spamtrap address mtd123@xxxxxxxxxxxx -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-selinux-list
