On Thursday 28 June 2007 03:55:15 am Tony Molloy wrote: > Hi, > > This is on CentOS but it's a SELinux question. > > I have a filesystem which I need to make available under ftp ( vsftpd ) > httpd ( apache ) and NFS. It contains our local mirrors. > > What should the permissions and the SELInux context be on the filesystem > and how can I relabel it so that it can be available under all three. > > The current permissions/SELinux context are > > drwxr-xr-x root root system_u:object_r:default_t mirrors > > and I want something like > > drwxr-xr-x root root root:object_r:public_content_t TEST you do want the public_content_t (or perhaps the public_content_rw_t if it's not read only). you may also need to check booleans to allow the different daemons to write to the pubilc_content_t areas: allow_ftpd_anon_write --> off allow_httpd_anon_write --> off allow_httpd_apcupsd_cgi_script_anon_write --> off allow_httpd_bugzilla_script_anon_write --> off allow_httpd_squid_script_anon_write --> off allow_httpd_sys_script_anon_write --> off allow_nfsd_anon_write --> on allow_rsync_anon_write --> off allow_smbd_anon_write --> on -- Anthony - http://messinet.com - http://messinet.com/~amessina/gallery 8F89 5E72 8DF0 BCF0 10BE 9967 92DC 35DC B001 4A4E
Attachment:
signature.asc
Description: This is a digitally signed message part.
-- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
