[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Allowing a apache to access a user folder by using semanage

From: Jan-Frode Myklebust <mykleb no ibm com>
To: fedora-selinux-list redhat com
Subject: Re: Allowing a apache to access a user folder by using semanage
Date: Wed, 9 May 2007 23:15:07 +0200

On 2007-05-09, Josef Meile <jmeile hotmail com> wrote:
> Ok, then is httpd_sys_content_t the right one? I solve it as follows:
>
> semanage fcontext -a -t httpd_t "/home/zopeuser/data(/.*)?"
> chcon -R -t httpd_sys_content_t /home/zopeuser/data
>

The semanage command should have set httpd_sys_content_t, not httpd_t.

	semanage fcontext -a -t httpd_sys_content_t "/home/zopeuser/data(/.*)?"
	restorecon -R /home/zopeuser/data

... I guess the restorecon will fail on a few symlinks again, but get
the rest right. I'd prefer restorecon over "chcon -t" just to make sure
the labeling rules are right, and woun't get wrong if you ever do a full
"touch /.autorelabel".

  -jf

Follow-Ups:
- Re: Allowing a apache to access a user folder by using semanage
  - From: Josef Meile

References:
- Allowing a apache to access a user folder by using semanage
  - From: Josef Meile
- Re: Allowing a apache to access a user folder by using semanage
  - From: Jan-Frode Myklebust
- Re: Allowing a apache to access a user folder by using semanage
  - From: Josef Meile
- Re: Allowing a apache to access a user folder by using semanage
  - From: Stephen Smalley
- Re: Allowing a apache to access a user folder by using semanage
  - From: Josef Meile

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]