Paul Howarth wrote:
On Tue, 2005-07-19 at 13:12 +0200, Nicklas Norling wrote:
>I would encourage a boolean for shared data location. I think labeling a
>folder and it's subcontent with a specific label and then have different
>services be able to use it might be a start. That way I could disallow
>smb the rights but allow ftpd and httpd (as an example). I think that
>would be a great improvment from my point of view.
>
>
I think this is a great idea. I have a file server at home where I stick
all the software I've downloaded, some for Linux and some for Windows.
The Windows box accesses the area using samba and Linux uses httpd as
I've set up a local yum repo for the Linux software. So in Niklas' idea
I'd be enabling httpd and smb for this and not ftp.
This type might be a good one to use for everything under /srv...
Paul.
Ok. I am allowing ftpd, samba, apache and/or apache scripts, rsync to
read ftpd_anon_t.
So if you want files shared by these services, you can change the
context to ftpd_anon_t.
--