Re: httpd_sys_content_rw_t

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sep 27, 2011, at 9:01 AM, Miroslav Grepl wrote:

> On 09/25/2011 12:34 AM, Vadym Chepkov wrote:
>> Hi,
>> 
>> I think man httpd_selinux is outdated in RHEL6
>> 
>> it looks like proper name for httpd_sys_content_rw_t is httpd_sys_rw_content_t.
>> 
>> at least rectorecon is trying to correct it all the time :
>> 
>> for example:
>> 
>> restorecon reset /var/www/sel_blog/wp-content/uploads/2011/01/logo-150x150.jpg context system_u:object_r:httpd_sys_rw_content_t:s0->system_u:object_r:httpd_sys_content_rw_t:s0
>> 
>> Vadym
>> 
>> --
>> selinux mailing list
>> selinux@xxxxxxxxxxxxxxxxxxxxxxx
>> https://admin.fedoraproject.org/mailman/listinfo/selinux
> Vadym,
> 
> rpm -q selinux-policy


Yep, I upgraded to 6.1 and manual was changed. It is still inconsistent though:

selinux-policy-3.7.19-93.el6_1.7.noarch

man httpd_selinux

      httpd_sys_rw_content_t
       - Set files with httpd_sys_rw_content_t if you want httpd_sys_script_exec_t scripts and the daemon to read/write the data, and dis-
       allow other non sys scripts from access.
       httpd_sys_content_ra_t
       - Set files with httpd_sys_content_ra_t if you want httpd_sys_script_exec_t scripts and the daemon to read/append to the file,  and
       disallow other non sys scripts from access.

why "rw" is a prefix, but "ra" is a suffix ?

Thanks,
Vadym
 

--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux


[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux