Serving a loopback mounted ISO with Apache
Russell Coker
russell at coker.com.au
Sat Apr 23 02:18:27 UTC 2005
On Saturday 23 April 2005 10:53, "Christofer C. Bell"
<christofer.c.bell at gmail.com> wrote:
> Apr 22 19:48:43 circe kernel: audit(1114217323.877:0): avc: denied {
> getattr } for pid=14889 exe=/usr/sbin/httpd
> path=/var/www/html/gutenberg dev=loop0 ino=1792
> scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:iso9660_t
> tclass=dir
You could add the following policy:
r_dir_file(httpd_t, iso9660_t)
> Unfortunately, I'm unable to relabel this content because the iso9660
> filesystem does not support extended attributes:
Use the context option to mount. Put
context=system_u:object_r:httpd_sys_content_t in the options file
of /etc/fstab for example.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
More information about the fedora-selinux-list
mailing list