On Tue, 2005-06-21 at 07:11 +0200, Peter Magnusson wrote:
And how would I know what I should set the perms to get it working?
Jun 21 06:27:25 sysbabe kernel: audit(1119328045.441:0): avc: denied {
write } for pid=29609 exe=/usr/sbin/httpd name=userdb.dat dev=hda2
ino=688180 scontext=root:system_r:httpd_t
tcontext=system_u:object_r:httpd_sys_content_t tclass=file
Jun 21 06:27:25 sysbabe kernel: audit(1119328045.442:0): avc: denied {
write } for pid=29609 exe=/usr/sbin/httpd name=userdb.dat dev=hda2
ino=688180 scontext=root:system_r:httpd_t
tcontext=system_u:object_r:httpd_sys_content_t tclass=file
is what is says. Same problem on an other vhost with an counter, just other
name= of course.
Per earlier postings on this list, have you tried:
setsebool -P httpd_builtin_scripting=1 httpd_unified=1
Did the fedora team expect problems like this to be created with the
latest
selinux policy change or is it a suprise for you? Its fine to have it by
default in new release of fedora but not CHANGE it in a update.
I think it was a bug in the spec file's handling of the booleans file.
--
Stephen Smalley
National Security Agency