Serving data from a DVD via httpd

Mikkel L. Ellertson mikkel at infinity-ltd.com
Sun Jul 13 13:08:20 UTC 2008


Uno Engborg wrote:
> I'm trying to mount a DVD inside /var/www/html and serve it using httpd.
> The problem is that the DVD have the wrong SELinux context
> 
> I try to do somethng like this:
> 
> mount  -o context=system_u:object_r:httpd_sys_content_t,ro /dev/cdrom 
> /var/www/html/mymountpoint
> 
> but that doen't change the context on the mouned dvd, and consequently, 
> apache fails to serve it.
> If I run audit2allow it tells me to:
> allow httpd_t iso9660_t:dir getattr;
> 
> I supose I could make such a module, but I rather not as there might be 
> more dvds mounted elsewhere
> in the system that should remain protected from apache.
> 
> Ideas anyone?
> 
> Regards
> Uno Engborg
> 
The context is wrong - try replacing it with:

context=system_u:object_r:httpd_sys_content_t:s0

The :s0 is important.

Mikkel
-- 

   Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20080713/ac72ddb0/attachment-0001.sig>


More information about the fedora-list mailing list