|
On 07/27/2013 07:04 AM, Shintaro
Fujiwara wrote:
Hi !
I fixed geeklog (php CMS) source and put some shell
script with geeklog SELinux module and made them a
tar-ball.
There are logs directory in geeklog and php fopen wants
to write its log.
I don't want to allow httpd_t write to httpd_log_t so, I
wrote geeklog.fc and made a module only to allow write the
very directory.
I set httpd_sys_rw_content_t to geeklog's logs directory,
backups and data directories.
Maybe I should set httpd_sys_rw_content images directory, too.
Those informations will be seen at
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
Yes, the httpd_sys_rw_content_t labeling is correct for the
/var/www/geeklog-2.0.0_fedora19_SELinux/logs(/.*)? directory in this
case.
Basically you can follow
https://git.fedorahosted.org/cgit/selinux-policy.git/tree/apache.fc?h=master_contrib
for examples.
Regards,
Miroslav
|
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
