Dont know the meaning of sestatus's report
Patrick Chiang
patrick at fany.info
Thu Nov 11 14:01:21 UTC 2004
Thanks Daniel,
your approach is really smart :)
I used to change the settings by the following,
# cd /etc/selinux/$selinux_policy/
# vi booleans
(change something from F to T or vice versa)
# load_policy policy/policy.18 booleans
now setsebool -P httpd_disable_trans 1 looks much cool :-)
thanks for sharing your experience :)
Patrick
> >
> If you use system-config-securitylevel, these booleans get a better
> translation. It probably would be
> a good idea to use the translation table in s-c-sl for this tool. (Put
> it on my todo list. :^))
>
> SERVICE_disable_trans - if active means that the SERVICE will run
> without SELinux protection,
> so if I can not get apache to run under SELinux I could specify
>
> setsebool -P httpd_disable_trans 1
>
> And then restart httpd, it will now run under unconfined_t instead of
> httpd_t.
>
> httpd_unified - tells policy to treat all files marked as httpd content
> the same way.
> So httpd and freiends can read/write/execute all content.
>
> >Does anybody know how to decode these?
More information about the fedora-selinux-list
mailing list