Setting up CVS repository and avoiding Selinux issues?
Craig White
craigwhite at azapple.com
Wed Apr 29 02:16:16 UTC 2009
On Tue, 2009-04-28 at 19:07 -0700, Daniel B. Thurman wrote:
>
> I am trying to get my CVS repository setup. Apparently,
> it appears that the repository must be in the root directory,
> otherwise I get selinux permission denials.
>
> What I tried to do initially was to locate the repository
> on a NTFS filesystem for which the context is fusefs
> which could not be changed, no matter what I tried.
> I got selinux permission errors.
>
> Giving that up, I moved the repository to a ext3 filesystem
> located on a separate drive/partition, mounted on /f-App1,
> where the repository is located @ /f-App1/Develop/cvs, and did:
>
> cd /f-App1/Develop/
> chown -R cvs:cvs cvs
> chcon -R -t cvs_data_t cvs
> find cvs -type d -exec chmod 755 {} \;
> find cvs -type t -exec chmod 754 {} \;
> ln -s /f-App1/Develop/cvs /cvs
>
> and I got selinux complaining that the files are not /cvs rooted.
>
> So I did:
>
> cp -a /f-App1/Develop/cvs /cvs1
> rm -f /cvs
> ln -s /cvs1 /cvs
>
> And it worked.
>
> How can I place my repository in a non-rooted, non-standard
> repository location and avoid the selinux complaints?
----
if it were me...
1 - I would never consider using NTFS filesystem for any versioning
software system for a LOT of reasons
2 - I would probably use git or svn before cvs but hey, it's not me.
3 - I haven't the foggiest notion of what the contexts are for cvs but
generally you look at the contexts that they have now that seem to be
working, move the files wherever and I think the contexts will follow
the files/folders and use commands like chcon and semanage...
chcon is temporary, probably a good starting point to test file/folder
contexts
semanage is permanent, once you have it figured out.
I used this...
semanage fcontext -a -t clamd_t "/var/clamav(/.*)?"
for clamav because they don't seem to want to fix that package ;-(
Craig
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the fedora-list
mailing list