FC4, SELinux, virtual hosts, upload web content

Mon Oct 17 20:30:25 UTC 2005

Valery Khamenya wrote:
>> Try public_content_rw_t?
>>     
>
> now tried. Nothing works after applying public_content_rw_t now.
> Neither ftp, nor scp nor even web.
>
>   
you need to turn on the correct booleans to allow it to work.

setsebool -P allow_ftpd_anon_write=1

> Let me know please if i could bring some reasonable logs.
>
> Thank you in advance for any further help,
> best regards,
> Valery.
>
> P.S. below  goes the ...
> # getsebool -a
> NetworkManager_disable_trans --> inactive
> allow_execmem --> active
> allow_execmod --> active
> allow_execstack --> active
> allow_ftpd_anon_write --> inactive
> allow_gssd_read_tmp --> active
> allow_httpd_anon_write --> inactive
> allow_httpd_sys_script_anon_write --> inactive
> allow_kerberos --> active
> allow_rsync_anon_write --> inactive
> allow_saslauthd_read_shadow --> inactive
> allow_smbd_anon_write --> inactive
> allow_write_xshm --> inactive
> allow_ypbind --> inactive
> apmd_disable_trans --> inactive
> arpwatch_disable_trans --> inactive
> auditd_disable_trans --> inactive
> bluetooth_disable_trans --> inactive
> canna_disable_trans --> inactive
> cardmgr_disable_trans --> inactive
> comsat_disable_trans --> inactive
> cupsd_config_disable_trans --> inactive
> cupsd_disable_trans --> inactive
> cupsd_lpd_disable_trans --> inactive
> cvs_disable_trans --> inactive
> cyrus_disable_trans --> inactive
> dbskkd_disable_trans --> inactive
> dhcpc_disable_trans --> inactive
> dhcpd_disable_trans --> inactive
> dovecot_disable_trans --> inactive
> fingerd_disable_trans --> inactive
> ftp_home_dir --> active
> ftpd_disable_trans --> active
> ftpd_is_daemon --> active
> gssd_disable_trans --> inactive
> hald_disable_trans --> inactive
> hotplug_disable_trans --> inactive
> howl_disable_trans --> inactive
> hplip_disable_trans --> inactive
> httpd_builtin_scripting --> active
> httpd_can_network_connect --> inactive
> httpd_disable_trans --> inactive
> httpd_enable_cgi --> active
> httpd_enable_homedirs --> active
> httpd_ssi_exec --> active
> httpd_suexec_disable_trans --> inactive
> httpd_tty_comm --> inactive
> httpd_unified --> active
> inetd_child_disable_trans --> inactive
> inetd_disable_trans --> inactive
> innd_disable_trans --> inactive
> kadmind_disable_trans --> inactive
> klogd_disable_trans --> inactive
> krb5kdc_disable_trans --> inactive
> ktalkd_disable_trans --> inactive
> lpd_disable_trans --> inactive
> mysqld_disable_trans --> inactive
> named_disable_trans --> inactive
> named_write_master_zones --> inactive
> nfs_export_all_ro --> active
> nfs_export_all_rw --> active
> nfsd_disable_trans --> inactive
> nmbd_disable_trans --> inactive
> nscd_disable_trans --> inactive
> ntpd_disable_trans --> inactive
> pegasus_disable_trans --> inactive
> portmap_disable_trans --> inactive
> postgresql_disable_trans --> inactive
> pppd_can_insmod --> inactive
> pppd_disable_trans --> inactive
> pppd_for_user --> inactive
> pptp_disable_trans --> inactive
> privoxy_disable_trans --> inactive
> ptal_disable_trans --> inactive
> radiusd_disable_trans --> inactive
> radvd_disable_trans --> inactive
> read_default_t --> active
> rlogind_disable_trans --> inactive
> rpcd_disable_trans --> inactive
> rsync_disable_trans --> inactive
> samba_enable_home_dirs --> inactive
> saslauthd_disable_trans --> inactive
> slapd_disable_trans --> inactive
> smbd_disable_trans --> inactive
> snmpd_disable_trans --> inactive
> squid_connect_any --> inactive
> squid_disable_trans --> inactive
> stunnel_disable_trans --> inactive
> stunnel_is_daemon --> inactive
> syslogd_disable_trans --> inactive
> system_dbusd_disable_trans --> inactive
> telnetd_disable_trans --> inactive
> tftpd_disable_trans --> active
> udev_disable_trans --> inactive
> use_nfs_home_dirs --> inactive
> use_samba_home_dirs --> inactive
> uucpd_disable_trans --> inactive
> winbind_disable_trans --> inactive
> ypbind_disable_trans --> inactive
> ypserv_disable_trans --> inactive
> zebra_disable_trans --> inactive
>
> --
> Valery A.Khamenya
>   


--