Re: giving ftp access to specif files and directories

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Clarkson, Mike R (US SSA) wrote:
> In RHEL5.1, I don't see an interface allowing the policy writer to give
> the ftp daemon access to specific file and directory types. This would
> be nice to have.
> 
> 
> --
> fedora-selinux-list mailing list
> fedora-selinux-list@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
Not sure what you are after here.  Do you want to label a directory or
file with public_content_t will allow ftp to gain access.

If the files are labeled something non default you could add allow rules
using audit2allow -M myftp.

If you want to add a type specific to ftp that other daemons would not
have access to IE Not public_content_t, you could define a module

type ftp_content_t;
files_type(ftp_content_t)

...

Then allow access.  And set the labeling correct

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux