Are there any plans for generic contexts?
paul at city-fan.org
Sun Dec 28 13:20:14 UTC 2008
On Sat, 27 Dec 2008 22:35:33 -0600
"Arthur Pemberton" <pemboa at gmail.com> wrote:
> Are there any plans for generic contexts? If not consider this a
> It would be useful if there were more generic contexts, for example
> 'shared_content_t'. Which all targeted daemons that share files (such
> as httpd, smbd, vsftpd) would all have access to these files. I am
> aware that I can probably write my own policy to allow this, but it
> seems like a fairly common use case.
> Just tonight I wanted to make some web code I was working on available
> via a samba share so I could work a bit more fluidly form my laptop.
> But the files are already labeled for sharing under httpd.
> On another machine, I give access to samba to one dir, and would also
> like to have access form httpd. For certain situations, even vsftpd.
public_content_t and public_content_rw_t have been available for a long
time to support this between ftp, http, samba, nfs, tftp, and rsync
public_content_t is read-only to all daemons.
public_content_rw_t is read-only to all daemons but writable by any
daemon that has the appropriate boolean set:
Setting these booleans allows the associated daemon to write to
More information about the selinux