selinux and moving squid cache to another location
Alexander Dalloz
ad+lists at uni-x.org
Sat Apr 9 16:46:26 UTC 2005
Am Sa, den 09.04.2005 schrieb Jurgen Kramer um 18:32:
> I finally upgraded my aging RH9 system to FC3. I use this system as
> a squid box (among others). The squid cache is in the usual place
> under /var/spool/squid. As my root filesystem does not have enough
> room I used to mount a specific partition for squid (/dev/hda6)
> over /var/spool/squid. With RH9 this was working as a charm but with FC3
> I get the familiar selinux errors:
So /dev/hda6 is mounted with mountpoint /var/spool/squid?
> audit(1113064896.887:0): avc: denied { getattr } for pid=23318
> exe=/usr/sbin/squid path=/var/spool/squid dev=hda6 ino=2
> scontext=root:system_r:squid_t tcontext=system_u:object_r:file_t
> tclass=dir
>
> I already tried to overcome this with a chcon command to no avail.
restorecon -Rv /var/spool/squid
> How can I use /dev/hda6 as my squid cache without turning selinux of for
> squid?
Above command should be enough.
> Jurgen
Alexander
--
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.10-1.771_FC2smp
Serendipity 18:43:43 up 10 days, 16:10, load average: 0.29, 0.28, 0.27
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20050409/3606421e/attachment-0001.sig>
More information about the fedora-list
mailing list