Robert Nichols wrote:
Daniel J Walsh wrote:
ping runs under the ping_t domain and it is not allowed to write to
the home dir. When you redirect in shell, shell has the application
open the file which is not allowed. A hack to get around this
problem is
ping XYZ | cat > /home/dwalsh/myping
It's actually the shell that opens the file for input or output
redirection, so apparently SELinux is denying a write to a file
that is already open for writing. Curious.
That would seem logical, but from the kernel's perspective it looks like
the ping command is opening the file on redirection. IE
Stdout gets replaced with the write to the file. SELinux blocks on
read/write not open.
--
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
