Hi,
I have a directory
structure that contains multiple web sites that I also want shared out using
samba to restricted users. I've just upgraded to FC5 and worked most of
the kinks out (including trying to get Samba's net getlocalsid to talk to ldap
properly, but that's another story).
current
configuration:
# ls -alZ
/MV
gives:
drwsrws--- apache
apache system_u:object_r:httpd_sys_content_t webs
however the samba
shared directory is readonly for users browsing.
If I set the type to
samba_share_t, apache can no longer read the
directory.
This also has other
implications. I have a directory in another share (Archives/Repository)
that is soft linked to a directory under a web site so that users can copy files
into it from a windows client and have them available for
download.
I found a post by
Stephen Smalley back in June last year that talks a little about this
issue:
that suggested a
possible fix by defining a new type allowing both httpd and samba to access the
files - with samba having permission to write.
Any ideas on whether
this is likely to be added to a policy for FC5 in the near future, and how can I
fix this in the interim? I'd rather not disable selinux if I can avoid it
:)
Thanks in
advance,
Robert
Foster
General
Manager
Mountain
Visions P/L http://mountainvisions.com.au
Mobile: 0418 131 065
BEGIN:VCARD VERSION:2.1 N:Foster;Robert FN:Robert Foster ORG:Mountain Visions P/L TITLE:Managing Director TEL;WORK;VOICE:(03) 8742-1770 TEL;HOME;VOICE:(03) 9748-7771 TEL;CELL;VOICE:0418 131 065 TEL;WORK;FAX:(03) 9748-7772 ADR;WORK:;;3 Trentham Close;Hoppers Crossing;Victoria;3029;Australia LABEL;WORK;ENCODING=QUOTED-PRINTABLE:3 Trentham Close=0D=0AHoppers Crossing, Victoria 3029=0D=0AAustralia URL;WORK:http://mountainvisions.com.au EMAIL;PREF;INTERNET:rfoster@xxxxxxxxxxxxxxxxxxxxxx REV:20060412T213231Z END:VCARD
-- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
