directory fcontext
mark
m.roth at 5-cent.us
Wed Jul 16 11:55:39 UTC 2014
On 07/16/14 02:46, Miroslav Grepl wrote:
> On 07/14/2014 01:07 PM, Daniel J Walsh wrote:
>> On 07/10/2014 11:25 AM, m.roth at 5-cent.us wrote:
>>> What should be the fcontext for a directory that contains cgi (or, in this
>>> case, ruby gems)?
> What is a path?
>
> We have
And we have all of our web stuff under an institutional path that is *not*
/usr or /var/www.
mark
>
> /usr/share/gems/.*/Passenger.* --
> gen_context(system_u:object_r:passenger_exec_t,s0)
> /usr/share/gems/.*/ApplicationPoolServerExecutable --
> gen_context(system_u:object_r:passenger_exec_t,s0)
> /usr/lib/gems/.*/Passenger.* --
> gen_context(system_u:object_r:passenger_exec_t,s0)
> /usr/lib/gems/.*/ApplicationPoolServerExecutable --
> gen_context(system_u:object_r:passenger_exec_t,s0)
>
> /usr/share/.*/gems/.*/helper-scripts/prespawn --
> gen_context(system_u:object_r:passenger_exec_t,s0)
>
> labeling in the policy.
>>> mark
>>>
>>> --
>>> selinux mailing list
>>> selinux at lists.fedoraproject.org
>>> https://admin.fedoraproject.org/mailman/listinfo/selinux
>>>
>>>
>> httpd_sys_script_exec_t would probably be the right type.
>>
>>
>> --
>> selinux mailing list
>> selinux at lists.fedoraproject.org
>> https://admin.fedoraproject.org/mailman/listinfo/selinux
>
>
More information about the selinux
mailing list