Johnny Tan wrote:
On Mon, 2007-12-10 at 12:24 -0500, Eric Paris wrote:
You might get what you want with the nosharecache mount option i
mentioned, if adding that to both mounts doesn't help, yeah, you are
stuck, sorry.
I did add this option, but it's hard to tell right now whether it
because we are also disallowing from httpd side. I'll have to wait for
another downtime to test this.
nosharecache seems to have done the trick!
"ls -Z" shows the correct context (previously, it showed the
same context for both, even though one wasn't mounted with
that context). And httpd gets denied in attempts to look at
the one that wasn't mounted with the httpd_sys_content_t
context.
Thanks!
johnn
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
