Questions about Apache and SELinux context inheritance
Ivan Gyurdiev
ivg2 at cornell.edu
Sun Mar 13 01:34:09 UTC 2005
> So my questions are fourfold:
>
> o How can one cause the correct httpd_user_content_t type to be
> automatically assigned to user public_html directories (and
> subdirectories)?
Not possible. Put the folder in /etc/skel with the correct context.
Maybe this should be done by default in Fedora, or maybe not.
>
> o How can one cause the correct httpd_user_content_t type to be
> automatically assigned to user content (files) in user public_html
> directores?
Possible w/ file_type_auto_trans rule.
Will investigate...
> o Why are files initially receiving a user context of user_u rather
> than system_u ?
This is normal - the user part of the context is set to the user who
created the file - no problem here.
> And one file, slightly unrelated question:
>
> o When I installed this server and restored user data to it, the user
> context on all the files was set to root rather than user_u (and why
> not system_u?). I've reset everything to the correct user context
> with chcon, but I'd like to know why this happened.
Because you restored the context as root, probably.
The user is set to whoever operates on the file.
--
Ivan Gyurdiev <ivg2 at cornell.edu>
Cornell University
More information about the fedora-selinux-list
mailing list