geeklog-2.0.0_fedora19_SELinux
Miroslav Grepl
mgrepl at redhat.com
Mon Jul 29 04:36:31 UTC 2013
On 07/27/2013 07:04 AM, Shintaro Fujiwara wrote:
> Hi !
>
> I fixed geeklog (php CMS) source and put some shell script with
> geeklog SELinux module and made them a tar-ball.
>
> There are logs directory in geeklog and php fopen wants to write its log.
>
> I don't want to allow httpd_t write to httpd_log_t so, I wrote
> geeklog.fc and made a module only to allow write the very directory.
>
> I set httpd_sys_rw_content_t to geeklog's logs directory, backups and
> data directories.
>
> Maybe I should set httpd_sys_rw_content images directory, too.
>
> Those informations will be seen at
>
> http://sourceforge.net/projects/webon/files/geeklog_for_SELinux/
> <https://sourceforge.net/projects/webon/files/geeklog_for_SELinux/>
>
>
> --
> selinux mailing list
> selinux at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
Yes, the httpd_sys_rw_content_t labeling is correct for the
/var/www/geeklog-2.0.0_fedora19_SELinux/logs(/.*)? directory in this case.
Basically you can follow
https://git.fedorahosted.org/cgit/selinux-policy.git/tree/apache.fc?h=master_contrib
for examples.
Regards,
Miroslav
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/selinux/attachments/20130729/67210506/attachment.html>
More information about the selinux
mailing list