Running httpd scripts from nfs mounts?
John W. Lockhart
lockhart at redhat.com
Thu Jan 27 16:25:40 UTC 2005
Stephen Smalley wrote:
> On Thu, 2005-01-27 at 10:36, Daniel J Walsh wrote:
>
>>Ah, good point, I wonder if this might be a bug? Is the kernel not
>>seeing the file as httpdcontent but as nfs_t
>>even though the mount option was specified.
>
>
> Is the filesystem mounted nosuid? If so, the kernel will ignore domain
> transitions on it for the same reason as it ignores setuid programs.
>
Aha! It is indeed mounted nosuid:
rw,nosuid,nodev,noatime,rsize=8192,wsize=8192,bg,intr,soft,context=system_u:object_r:httpd_sys_content_t
Any other options I should or shouldn't have in there?
-- John
More information about the fedora-selinux-list
mailing list