Re: Relabeling question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thursday 28 June 2007 12:23, Anthony Messina wrote:
> On Thursday 28 June 2007 03:55:15 am Tony Molloy wrote:
> > Hi,
> >
> > This is on CentOS but it's a SELinux question.
> >
> > I have a filesystem which I need to make available under ftp ( vsftpd )
> > httpd ( apache ) and NFS. It contains our local mirrors.
> >
> > What should the permissions and the SELInux context be on the filesystem
> > and how can I relabel it so that it can be available under all three.
> >
> > The current permissions/SELinux context are
> >
> > drwxr-xr-x  root root system_u:object_r:default_t      mirrors
> >
> > and I want something like
> >
> > drwxr-xr-x  root root root:object_r:public_content_t   TEST
>
> you do want the public_content_t (or perhaps the public_content_rw_t if
> it's not read only).
>

This is a read only mirror site so public_content_t should be enough.
How do I do that.

> you may also need to check booleans to allow the different daemons to write
> to the pubilc_content_t areas:
>
> allow_ftpd_anon_write --> off
> allow_httpd_anon_write --> off
> allow_httpd_apcupsd_cgi_script_anon_write --> off
> allow_httpd_bugzilla_script_anon_write --> off
> allow_httpd_squid_script_anon_write --> off
> allow_httpd_sys_script_anon_write --> off
> allow_nfsd_anon_write --> on
> allow_rsync_anon_write --> off
> allow_smbd_anon_write --> on

I looked at the booleans with system-config-selinux and set those I thought I 
needed.

Thanks,

Tony

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux