On Sep 27, 2011, at 9:01 AM, Miroslav Grepl wrote: > On 09/25/2011 12:34 AM, Vadym Chepkov wrote: >> Hi, >> >> I think man httpd_selinux is outdated in RHEL6 >> >> it looks like proper name for httpd_sys_content_rw_t is httpd_sys_rw_content_t. >> >> at least rectorecon is trying to correct it all the time : >> >> for example: >> >> restorecon reset /var/www/sel_blog/wp-content/uploads/2011/01/logo-150x150.jpg context system_u:object_r:httpd_sys_rw_content_t:s0->system_u:object_r:httpd_sys_content_rw_t:s0 >> >> Vadym >> >> -- >> selinux mailing list >> selinux@xxxxxxxxxxxxxxxxxxxxxxx >> https://admin.fedoraproject.org/mailman/listinfo/selinux > Vadym, > > rpm -q selinux-policy Yep, I upgraded to 6.1 and manual was changed. It is still inconsistent though: selinux-policy-3.7.19-93.el6_1.7.noarch man httpd_selinux httpd_sys_rw_content_t - Set files with httpd_sys_rw_content_t if you want httpd_sys_script_exec_t scripts and the daemon to read/write the data, and dis- allow other non sys scripts from access. httpd_sys_content_ra_t - Set files with httpd_sys_content_ra_t if you want httpd_sys_script_exec_t scripts and the daemon to read/append to the file, and disallow other non sys scripts from access. why "rw" is a prefix, but "ra" is a suffix ? Thanks, Vadym -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
