Gitweb and SELinux
Michael Cronenworth
mike at cchtml.com
Fri Feb 5 17:16:10 UTC 2010
Dominick Grift wrote:
> Alright well by default personal git repositories are expected in
> ~/public_git.
>
> That directory and its content is labelled git_personal_t in F12 (if i
> am correct).
>
> I would probably use that for personal git repositories and give your
> gitweb app access to git_personal_t instead of git_data_t (which is a
> type for system wide shared git repositories in /var/lib/git)
Done. The default context seems to be
unconfined_u:object_r:httpd_user_content_t:s0, which makes more sense,
but SELinux still complains about allowing access to my root home
directory (/home/michael) when I reset that back to default. I have the
boolean enabled to allow httpd access to home and user directories.
>
> Can gitweb not be configured to point to the different personal
> repositories? Instead of using symlinks in /srv/git?
>
Not that I know of, but I may be missing something. The
gitweb_config.perl file only allows one $projectroot.
Any more good ideas? :D
More information about the selinux
mailing list