SELinux/httpd integration
Karsten Wade
kwade at redhat.com
Sun Nov 28 16:23:16 UTC 2004
On Tue, 2004-11-16 at 12:35, Daniel J Walsh wrote:
> Joe Orton wrote:
>
> >httpd_t *cannot* write to anything labelled with httpd_sys_content_t by
> >default, surely - that's the whole problem?
>
> Policy has been updated to allow this. Please update to
> selinux-policy-targeted-1.17.30-2.26 or greater.
I can't find this allow rule in 1.17.30-2.34. I've used apol direct and
transitive information flow analysis and good ol' grep to no avail.
Before I post a very long message detailing everything I did, can
someone tell me how httpd_t has gained write allow for
httpd_sys_content_t? FWIW, I finally set the boolean in apache.te and
recompiled policy, but still can't find the write.
thx - Karsten
--
Karsten Wade, RHCE, Tech Writer
a lemon is just a melon in disguise
http://people.redhat.com/kwade/
gpg fingerprint: 2680 DBFD D968 3141 0115 5F1B D992 0E06 AD0E 0C41
More information about the fedora-selinux-list
mailing list