sharing an object with two subjects, with mutltiple types ?
Daniel J Walsh
dwalsh at redhat.com
Thu Sep 29 19:35:56 UTC 2005
Kevin Verma wrote:
>But I want to have a read-only access to this public repository. How to ?
>On 9/29/05, Daniel J Walsh <dwalsh at redhat.com> wrote:
>
>
>>Kevin Verma wrote:
>>
>>
>>
>>>Hi,
>>>
>>>Is it possible to share a data repositry with two catagories of
>>>subjects. For example, I hit a bump for sharing a data repository
>>>among both httpd and samba (on FC4).
>>>
>>>Thanks for reading,
>>>
>>>--
>>>fedora-selinux-list mailing list
>>>fedora-selinux-list at redhat.com
>>>https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>>>
>>>
>>>
>>>
>>public_content_t and public_content_rw_t (Used to be ftpd_anon_t and
>>ftpd_anon_rw_t).
>>
>>If you need a particular domain to write to a sharded directory/file you
>>need to set the appropriate boolean
>>allow_DOMAIN_anon_write
>>
>>So to allow samba to write to public_content_rw_t, you would set the boolean
>>
>>setsebool -P allow_smb_anon_write=1
>>
>>
>>
>>--
>>
>>
>>
>>
>>
>
>--
>fedora-selinux-list mailing list
>fedora-selinux-list at redhat.com
>https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
>
If you don't set the boolean, that domain will not have access.
There is a bug in current policy where if you don't set the boolean for
a domain, it does not get
read access to the public_content_rw_t directory.
--
More information about the fedora-selinux-list
mailing list