Questions about Apache and SELinux context inheritance
Colin Walters
walters at redhat.com
Sun Mar 13 02:31:28 UTC 2005
On Sat, 2005-03-12 at 18:46 -0600, Christofer C. Bell wrote:
> I have a question about how context inheritance works in SELinux.
>
> The correct file context is already defined in
> /etc/selinux/targeted/contexts/files/file_contexts as:
Ah, sorry, so you are running targeted policy. With all your discussion
of users I had assumed it was strict.
One thing that might explain a lot then is that httpd_sys_content_t and
httpd_user_content_t are exactly the same thing in the targeted policy:
domains/program/apache.te:
ifdef(`targeted_policy', `
typealias httpd_sys_content_t alias httpd_user_content_t;
typealias httpd_sys_script_exec_t alias httpd_user_script_exec_t;
More information about the fedora-selinux-list
mailing list