I am setting up a new mythweb server on F18x64 and whereas historically I've just put selinux into permissive mode in this instance I want to actually use it as an opportunity to learn more about selinux and correct configuration.
I've therefore hit a small problem and want to make sure I've understood correctly before doing this....
mythweb allows recorded programs to be streamed to a remote client via an asx stream.....
Quite rightly selinux is saying "whoa boy...not on my watch!!" and throwing a permissions query......
Selinux is preventing /usr/bin/perl from getattr access to the file /path/to/file/xxxxxxxxxxx.mpg
If you want to allow perl to have getattr access on the xxxxxxxxxx.mpg file
Do
semanage fcontext -a -t FILE_TYPE '/path/to/file/xxxxxxxxxxx.mpg'
where FILE_TYPE is one of the following.....very very very long list of file types
then execute
restorecon -v '/path/to/file/xxxxxxxx.mpg'
What I ACTUALLY want to do though is set permissions for that whole directory if the file is an mpg file, so that files created subsequently also have the corrct permissions setup already.
Also I'm not 100% certain which FILE_TYPE is most appropriate, I'm guessing it's httpd_php_tmp_t but would appreciate any other views.
Thanks in advance.
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
