On Saturday 23 April 2005 10:53, "Christofer C. Bell"
<christofer.c.bell(a)gmail.com> wrote:
Apr 22 19:48:43 circe kernel: audit(1114217323.877:0): avc: denied
{
getattr } for pid=14889 exe=/usr/sbin/httpd
path=/var/www/html/gutenberg dev=loop0 ino=1792
scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:iso9660_t
tclass=dir
You could add the following policy:
r_dir_file(httpd_t, iso9660_t)
Unfortunately, I'm unable to relabel this content because the
iso9660
filesystem does not support extended attributes:
Use the context option to mount. Put
context=system_u:object_r:httpd_sys_content_t in the options file
of /etc/fstab for example.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page