SELinux and Squid - Non-default squid http_port (!=3128)
Thomas Springer
th.springer at gmx.net
Sun Aug 28 02:44:24 UTC 2005
=== Date : Sun, 28 Aug 2005 04:05:44 +0200
=== From : Øyvind Stegard
> Thomas Springer wrote:
> >
> > Find panel SELinux and change 'squid_allow_any' in category /Others.
> I ended up using 'setsebool', and set the key 'squid_disable_trans'
> to TRUE. What does this mean, disable domain transition, in SELinux
> lingo ? It works, at least. Haven't tried altering 'squid_allow_any'.
This is the standard Boolean for all targeted daemons, allowing you to
disable the transition from unconfined_t to squid_t.[1]
So you should prefer the 2nd boolean just like Rahul said it.
I dunno why they are called differently.
> Øyvind.
Thomas
[1]
http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/selinux-guide/selg-section-0059.html
More information about the fedora-list
mailing list