Thank you for your advice.
I've read several articles on this matter and especially, Dan's
I may not had any mistakes this time and I owe those guru's articles.
I had to fix some paths, because I made mistakes for doc and backups
I updated those tar balls.
I just want everybody to set setenforce 1 haha!
2013/7/29 Miroslav Grepl <mgrepl(a)redhat.com>
On 07/27/2013 07:04 AM, Shintaro Fujiwara wrote:
I fixed geeklog (php CMS) source and put some shell script with geeklog
SELinux module and made them a tar-ball.
There are logs directory in geeklog and php fopen wants to write its log.
I don't want to allow httpd_t write to httpd_log_t so, I wrote geeklog.fc
and made a module only to allow write the very directory.
I set httpd_sys_rw_content_t to geeklog's logs directory, backups and
Maybe I should set httpd_sys_rw_content images directory, too.
Those informations will be seen at
Yes, the httpd_sys_rw_content_t labeling is correct for the
/var/www/geeklog-2.0.0_fedora19_SELinux/logs(/.*)? directory in this case.
Basically you can follow