Re: Executables run by httpd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I think you want httpd_sys_script_exec_t

On Sat, 2014-08-02 at 14:16 +0000, Matthew Saltzman wrote:
> SubGit is a system that keeps a Subversion repository and a Git
> repository in sync.  In order to do that, it includes a program called
> fast-pre-commit (C, I believe) that is run as part of Subversion's
> pre-commit process.  It lives in the Subversion repository's hooks/
> directory.  If Subversion commits are handled by httpd, then the
> pre-commit script is run, but its call to the fast-pre-commit program
> fails because it doesn't see fast-pre-commit as executable.  Local
> commits (not using httpd) work as expected.
> 
> The pre-commit script and the fast-pre-commit program both have context 
> 
>         unconfined_u:object_r:httpd_sys_rw_content_t:s0
>         
> although restorecon wants to reset the user to system_u (which doesn't
> solve the problem), and both have permissions -rwxrwxr-x.
> 
> What should fast-pre-commit's context be in order for it to execute
> properly?  Or what is the best way to make a particular executable run
> when invoked from httpd?
> 
> TIA.
> 


--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux





[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux