-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 04/15/2013 03:43 PM, Another Sillyname wrote: > I am setting up a new mythweb server on F18x64 and whereas historically > I've just put selinux into permissive mode in this instance I want to > actually use it as an opportunity to learn more about selinux and correct > configuration. > > I've therefore hit a small problem and want to make sure I've understood > correctly before doing this.... > > mythweb allows recorded programs to be streamed to a remote client via an > asx stream..... > > Quite rightly selinux is saying "whoa boy...not on my watch!!" and throwing > a permissions query...... > > > Selinux is preventing /usr/bin/perl from getattr access to the file > /path/to/file/xxxxxxxxxxx.mpg > > If you want to allow perl to have getattr access on the xxxxxxxxxx.mpg > file > > Do > > semanage fcontext -a -t FILE_TYPE '/path/to/file/xxxxxxxxxxx.mpg' > > where FILE_TYPE is one of the following.....very very very long list of > file types > > then execute > > restorecon -v '/path/to/file/xxxxxxxx.mpg' > > What I ACTUALLY want to do though is set permissions for that whole > directory if the file is an mpg file, so that files created subsequently > also have the corrct permissions setup already. > > Also I'm not 100% certain which FILE_TYPE is most appropriate, I'm guessing > it's httpd_php_tmp_t but would appreciate any other views. > > Thanks in advance. > > > > > -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux > What AVC are you seeing? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlFtofYACgkQrlYvE4MpobM+1QCgxFYIsHC+vvYi3SlSr9HcxeoT e1EAn2R8JnSrQsew6A+TvdnrHVU5AtJw =PfsW -----END PGP SIGNATURE----- -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
