Apache2 directory listing problem F16
Rick Stevens
ricks at alldigital.com
Mon Jul 30 16:48:26 UTC 2012
On 07/30/2012 09:38 AM, Steven Stern issued this missive::
> On 07/30/2012 11:06 AM, Mark Haney wrote:
>> On 07/30/2012 11:26 AM, Steven Stern wrote:
>>>>> If you copied files from some other directory into pics, then they
>>>>>>> probably brought along their existing context. Go back to
>>>>> /var/www/html
>>>>>>> and try "sudo restorecon -r *".
>>>>>>>
>>>>>
>>>>> I've attached the full output of the troubleshooter just in case I
>>>>> managed not to include everything needed.
>>>>>
>>>>>
>>>>>
>>>>>
>>> Run restorecon as suggested by the troubleshooter.
>>
>> Yep, that did it. Sometimes I wonder if the devs of SELinux are sane.
They're sane. You have to understand just what they're trying to
accomplish and there's a lot of stuff to try to protect from. Try
looking at a grsec'd system if you want some "least privilege"
complexity.
> It would be nice if there were a cp option to adopt the context of the
> target. Currently, -Z requires that you set the context. I suppose it's
> a good idea to keep you from shooting yourself in the foot by coping a
> file that shouldn't be visible on a web site.
You can use "--preserve=context" to maintain the SELinux context of the
source file. You can't adopt the context of the target since you're
overwriting it. Makes sense if you think about it.
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer, AllDigital ricks at alldigital.com -
- AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 -
- -
- Any sufficiently advanced technology is indistinguishable from a -
- rigged demo. -
----------------------------------------------------------------------
More information about the users
mailing list