SElinux and squirrelmail (write access denied to a file with 777 permissions)

redhatdude at bellsouth.net redhatdude at bellsouth.net
Thu Jul 14 06:23:26 UTC 2005


>>>>>>
>>>>>>
>>>>> It would then allow httpd to write to the file.
>>>>>
>>>>> httpd is allowed to write to httpd_squirrelmail_t files not to
>>>>> usr_t files.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>> So in case one day I decide to get rid of squirrelmail, how do I  
>>>> undo
>>>> this?
>>>>
>>>>
>>>
>>> You don't need to. If you get rid of squirrelmail (by removing the
>>> package), you'll have got rid of everything affected by this change.
>>>
>>> Changing the context of files is similar to changing their   
>>> permissions;
>>> removing a file will remove any trace of changes you made to its
>>> permissions/context.
>>>
>>> Paul.
>

After applying chcon -t httpd_squirrelmail_t /usr/share/squirrelmail/ 
config/conf.php apache was allowed to write to the file. I found out  
that if you rename the file and then rename it back to what it was  
before, the changes go back to the original setting the file had  
which is usr_t.
Thank you both for your help
EJ




More information about the users mailing list