Big brother and httpd

Russell Coker russell at
Mon Jun 27 03:05:32 UTC 2005

On Sunday 26 June 2005 22:42, Tom Diehl <tdiehl at> wrote:
> > Can you check and make sure /home/bb/bb/www is marked
> > httpd_*_content_t, and not user_home_t...
> (pocono pts16) # la -Z /home/bb/bb/www
> drwxr-xr-x  bb       bb       root:object_r:httpd_sys_content_t .
> drwxr-xr-x  bb       bb       root:object_r:user_home_t        ..
> The bb.html and bb2.html files are created every time bb polls the
> machines (every 5 minutes). I have tried doing
> chcon -t httpd_sys_content_t bb?.html on them but they always change back.

Those files are apparently created somewhere else, maybe /home/bb/bb?  Maybe 
if you run your chcon -R operation on /home/bb the results will be better.

A change to bb might help.  You could either have it create the files in an 
appropriate directory that has the desired label or have it chcon them after 
creation (but before moving).  How is the bb program run?  Is it a daemon or 
a cron job?

There has been some work on getting NAGIOS running under SE Linux.  It seems 
that NAGIOS is the leading product in this area.

--   My NSA Security Enhanced Linux packages  Bonnie++ hard drive benchmark    Postal SMTP/POP benchmark  My home page

More information about the fedora-selinux-list mailing list