Making content readable by httpd
Colin Walters
walters at redhat.com
Fri Nov 12 17:41:13 UTC 2004
On Fri, 2004-11-12 at 11:32 -0600, Ian Pilcher wrote:
> Daniel J Walsh wrote:
> > Look for AVC Messages in the /var/log/messages file.
>
> I should have posted those before. Here is an example of what happens
> when httpd tries to access the reiserfs filesystem:
>
> Nov 11 23:33:38 home kernel: audit(1100237618.326:0): avc: denied {
> search } for pid=9106 exe=/usr/sbin/httpd dev=md5 ino=2
> scontext=root:system_r:httpd_t tcontext=system_u:object_r:nfs_t tclass=dir
One approach is to mount the filesystem with the httpd_sys_content_t
type, like this:
mount -o remount,fscontext=system_u:object_r:httpd_sys_content_t /path/to/your/reiserfs
Another is to give httpd_t access to nfs_t, like this:
r_dir_file(httpd_t, nfs_t)
More information about the fedora-selinux-list
mailing list