Big brother and httpd
Daniel J Walsh
dwalsh at redhat.com
Mon Jun 27 11:34:46 UTC 2005
Russell Coker wrote:
>On Sunday 26 June 2005 22:42, Tom Diehl <tdiehl at rogueind.com> wrote:
>>>Can you check and make sure /home/bb/bb/www is marked
>>>httpd_*_content_t, and not user_home_t...
>>(pocono pts16) # la -Z /home/bb/bb/www
>>drwxr-xr-x bb bb root:object_r:httpd_sys_content_t .
>>drwxr-xr-x bb bb root:object_r:user_home_t ..
>>The bb.html and bb2.html files are created every time bb polls the
>>machines (every 5 minutes). I have tried doing
>>chcon -t httpd_sys_content_t bb?.html on them but they always change back.
>Those files are apparently created somewhere else, maybe /home/bb/bb? Maybe
>if you run your chcon -R operation on /home/bb the results will be better.
>A change to bb might help. You could either have it create the files in an
>appropriate directory that has the desired label or have it chcon them after
>creation (but before moving). How is the bb program run? Is it a daemon or
>a cron job?
>There has been some work on getting NAGIOS running under SE Linux. It seems
>that NAGIOS is the leading product in this area.
Can you change the program to cp the files rather than mv them? That
would allow it to get the
More information about the fedora-selinux-list