Valdis.Kletnieks@xxxxxx wrote:
On Wed, 28 Sep 2005 11:18:33 EDT, Daniel J Walsh said:
You need to add getattr and ioctl to your tty. I am adding it to Policy.
You could add
allow httpd_t tty_device_t:chr_file { getattr ioctl };
to local.te
Umm... you're not adding it to the shipping policy, are you? Is there any
*real* usage (as opposed to simulating a hack-in) that httpd_t needs those
two added?
These are only used when httpd_tty_comm is set, It is off by default.
httpd_tty_comm is only required if you
are using public keys that require a password to unlock. So when apache
starts it prompts the admin for a password
to unlock its certificates.
--
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
