>Ok here is how I have simulated what you are trying to do. > > cp /bin/sh /var/www/httpdsh > chcon -t httpd_exec_t /var/www/httpdsh > > Add the following lines to > /etc/selinux/targeted/src/policy/domains/misc/local.te > > > domain_auto_trans(unconfined_t,httpd_exec_t, httpd_t) > allow httpd_t devpts_t:chr_file rw_file_perms; > > cd /etc/selinux/targeted/src/policy/ > make load > setsebool httpd_tty_comm=1 > > Then run > /var/www/httpdsh > as root. > > /var/www/httpdsh > httpdsh: /root/.bashrc: Permission denied > # id > uid=0(root) gid=0(root) > groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel) > context=root:system_r:httpd_t:s0-s0:c0.c127 > # cat /etc/shadow > cat: /etc/shadow: Permission denied > # cat /var/log/messages > cat: /var/log/messages: Permission denied > Ok, thx for the lines. It works fine when im in Xmode (xterm), but when i change to console mode (tty1) if i execute /var/www/httpdsh it doesnot work. Its like if i dont execute the program. I dont get to the httpd bash. I dont receive any message in the console. I dont receive any message in /var/log/message. I dont receive any message in /var/log/audit/audit.log. Its like if it had not done anything What happen? -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
