Clarkson, Mike R (US SSA) wrote: > In RHEL5.1, I don't see an interface allowing the policy writer to give > the ftp daemon access to specific file and directory types. This would > be nice to have. > > > -- > fedora-selinux-list mailing list > fedora-selinux-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/fedora-selinux-list Not sure what you are after here. Do you want to label a directory or file with public_content_t will allow ftp to gain access. If the files are labeled something non default you could add allow rules using audit2allow -M myftp. If you want to add a type specific to ftp that other daemons would not have access to IE Not public_content_t, you could define a module type ftp_content_t; files_type(ftp_content_t) ... Then allow access. And set the labeling correct -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
