giving ftp access to specif files and directories

Daniel J Walsh dwalsh at redhat.com
Tue Sep 23 16:16:27 UTC 2008


Clarkson, Mike R (US SSA) wrote:
> In RHEL5.1, I don't see an interface allowing the policy writer to give
> the ftp daemon access to specific file and directory types. This would
> be nice to have.
> 
> 
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
Not sure what you are after here.  Do you want to label a directory or
file with public_content_t will allow ftp to gain access.

If the files are labeled something non default you could add allow rules
using audit2allow -M myftp.

If you want to add a type specific to ftp that other daemons would not
have access to IE Not public_content_t, you could define a module

type ftp_content_t;
files_type(ftp_content_t)

...

Then allow access.  And set the labeling correct




More information about the selinux mailing list