mounting nfs as httpd_sys_content_t under selinux
Johnny Tan
linuxweb at gmail.com
Mon Dec 10 20:05:14 UTC 2007
Stephen Smalley wrote:
> Just to clarify: it isn't just that they are coming from the same
> server but that they are coming from the same server with the same
> filesystem id.
Since the remote NFS server is an appliance, I'm pretty sure
I won't be able to mount a different filesystem on top or at
a different mountpoint in order to prevent this.
> On Mon, 2007-12-10 at 12:24 -0500, Eric Paris wrote:
>> You might get what you want with the nosharecache mount option i
>> mentioned, if adding that to both mounts doesn't help, yeah, you are
>> stuck, sorry.
I did add this option, but it's hard to tell right now
whether it because we are also disallowing from httpd side.
I'll have to wait for another downtime to test this.
Thanks to both of you for the assistance.
johnn
More information about the fedora-selinux-list
mailing list