[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Serving a loopback mounted ISO with Apache



On Saturday 23 April 2005 10:53, "Christofer C. Bell" 
<christofer c bell gmail com> wrote:
> Apr 22 19:48:43 circe kernel: audit(1114217323.877:0): avc:  denied  {
> getattr } for  pid=14889 exe=/usr/sbin/httpd
> path=/var/www/html/gutenberg dev=loop0 ino=1792
> scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:iso9660_t
> tclass=dir

You could add the following policy:
r_dir_file(httpd_t, iso9660_t)

> Unfortunately, I'm unable to relabel this content because the iso9660
> filesystem does not support extended attributes:

Use the context option to mount.  Put 
context=system_u:object_r:httpd_sys_content_t in the options file 
of /etc/fstab for example.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]