Shared data are

Daniel J Walsh dwalsh at
Wed Jul 20 12:44:12 UTC 2005

Paul Howarth wrote:

>On Tue, 2005-07-19 at 13:12 +0200, Nicklas Norling wrote:
>>I would encourage a boolean for shared data location. I think labeling a 
>>folder and it's subcontent with a specific label and then have different 
>>services be able to use it might be a start. That way I could disallow 
>>smb the rights but allow ftpd and httpd (as an example). I think that 
>>would be a great improvment from my point of view.
>I think this is a great idea. I have a file server at home where I stick
>all the software I've downloaded, some for Linux and some for Windows.
>The Windows box accesses the area using samba and Linux uses httpd as
>I've set up a local yum repo for the Linux software. So in Niklas' idea
>I'd be enabling httpd and smb for this and not ftp.
>This type might be a good one to use for everything under /srv...
Ok.  I am allowing ftpd, samba, apache and/or apache scripts, rsync to 
read ftpd_anon_t.

So if you want files shared by these services, you can change the 
context to ftpd_anon_t.


More information about the fedora-selinux-list mailing list