[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: apache serving nfs-hosted files on FC5

From: Daniel J Walsh <dwalsh redhat com>
To: Ben <bench silentmedia com>
Cc: Fedora SELinux support list <fedora-selinux-list redhat com>
Subject: Re: apache serving nfs-hosted files on FC5
Date: Tue, 11 Apr 2006 17:47:13 -0400

Ben wrote:

Is there a simple boolean that lets me do this? My avc errors look like:
Apr 9 11:21:50 charlotte kernel: audit(1144606910.006:153): avc:denied { search } for pid=17677 comm="httpd" name="/" dev=0:12ino=292243 scontext=root:system_r:httpd_t:s0tcontext=system_u:object_r:nfs_t:s0 tclass=dirApr 9 11:21:50 charlotte kernel: audit(1144606910.006:154): avc:denied { getattr } for pid=17677 comm="httpd" name="/" dev=0:12ino=292243 scontext=root:system_r:httpd_t:s0tcontext=system_u:object_r:nfs_t:s0 tclass=dir

Right now this is not something we have come across, but if you set thefollowing booleans it will be allowed

setsebool -P httpd_enable_homedirs=1 use_nfs_home_dirs=1

Not ideal but it works.

Probably should bugzilla this to have a boolean httpd_use_nfs or something.

On a related note, is there a way to see what the various booleans aresupposed to be good for?
--
fedora-selinux-list mailing list
fedora-selinux-list redhat com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

References:
- apache serving nfs-hosted files on FC5
  - From: Ben

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]