James Morris wrote:
On Wed, 3 Sep 2008, Murray McAllister wrote:
subjects that are not targeted run in the unconfined_t domain type. When a
subject runs in the unconfined_t domain type, SELinux rules do not apply, and
only DAC rules are used.
I think we should keep trying to reduce the amount of jargon for users.
e.g. can "domain type" be reduced to "domain" or even "label" ?
I changed almost all instances of "domain type" to "domain".
3. As the Linux root user, start the Apache HTTP Server: /sbin/service httpd
start. When the server has started, change into a directory where your Linux
user has write access to, and run the wget http://localhost/testfile command.
Unless there are any changes to the default configuration, this command
succeeds.
I think it would be useful to show the sequence of commands and the
output, e.g. what the user would see.
I am adding output for each step.
file. Change into a directory where your Linux user has write access to, and
run the wget http://localhost/testfile command. Unless there are any changes
to the default configuration, this command fails:
HTTP request sent, awaiting response... 403 Forbidden
2008-08-22 03:48:40 ERROR 403: Forbidden.
Perhaps also show the httpd error log entry.
Thanks for the suggestions :)
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
