Daniel J Walsh said the following on 13/12/2005 18:49: > Robin Bowes wrote: >>>> # Needed to allow svnmailer to execute and send commit notifications >>>> # using sendmail as httpd user >>>> allow httpd_t trac_var_t:file execute; >>>> allow httpd_t trac_var_t:file execute_no_trans; >>>> allow restorecon_t devpts_t:chr_file getattr; >>>> allow httpd_t sbin_t:lnk_file read; >> >> I followed the instructions here [1] to set up trac to work with SELinux. >> >> [1] http://projects.edgewall.com/trac/wiki/TracWithSeLinux >> >> trac_var_t is a file type creagted by the SELinux config listed on that >> site. > > Ok from reading that policy, it looks like you would be able to write to > those directories, but now you are trying to execute files in those > directories? Yes. I am running svn hooks. eg. post-commit. The post-commit script runs svn-mailer which, in turn, sends mail using /usr/sbin/sendmail and also (optionally) includes diffs in the mails (hence the need for temp file access). R. -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
