Running httpd scripts from nfs mounts?
Daniel J Walsh
dwalsh at redhat.com
Thu Jan 27 15:36:35 UTC 2005
Colin Walters wrote:
>On Wed, 2005-01-26 at 13:46 -0500, Daniel J Walsh wrote:
>
>
>>John W. Lockhart wrote:
>>
>>
>>
>>>Colin Walters wrote:
>>>
>>>
>>>
>>>>Weird. What's the output of "getsebool httpd_unified"?
>>>>
>>>>
>>>>
>>># getsebool httpd_unified
>>>httpd_unified --> active
>>>
>>>
>>>
>>Policy does not have a can_exec(httpd_t, httpdcontent)
>>Only can_exec(httpd_$1_script_t, httpdcontent)
>>
>>
>
>Right; but why isn't it trying to transition, via the
>domain_auto_trans(httpd_t, httpdcontent, httpd_sys_script_t)?
>
>
>
>
Ah, good point, I wonder if this might be a bug? Is the kernel not
seeing the file as httpdcontent but as nfs_t
even though the mount option was specified.
>--
>fedora-selinux-list mailing list
>fedora-selinux-list at redhat.com
>http://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
>
More information about the selinux
mailing list