I have a personal server setup with SELinux in targeted mode.
I would like to allow rw access over these files to Samba, and ro access to these files to httpd.
In my current setup, SELinux requires the security context of the respective daemon to allow access to them.
Since I gave Samba access more priority, the current context is: root:object_r:samba_share_t
The files are not owned by root, they are currently chowned pembo13:comrades.
Please advise on the best method to arrange for the access that I seem to require.
Thank you.
Arthur Pemberton wrote:
I have a personal server setup with SELinux in targeted mode.
I would like to allow rw access over these files to Samba, and ro access to these files to httpd.
In my current setup, SELinux requires the security context of the respective daemon to allow access to them.
Since I gave Samba access more priority, the current context is: root:object_r:samba_share_t
The files are not owned by root, they are currently chowned pembo13:comrades.
Please advise on the best method to arrange for the access that I seem to require.
Use context type public_content_rw_t, and set the boolean allow_smbd_anon_write to 1.
Paul.
On Tue, 2007-08-21 at 15:55 -0500, Arthur Pemberton wrote:
I have a personal server setup with SELinux in targeted mode.
I would like to allow rw access over these files to Samba, and ro access to these files to httpd.
In my current setup, SELinux requires the security context of the respective daemon to allow access to them.
Since I gave Samba access more priority, the current context is: root:object_r:samba_share_t
The files are not owned by root, they are currently chowned pembo13:comrades.
Please advise on the best method to arrange for the access that I seem to require.
man samba_selinux seems to suggest using public_content_rw_t on the file and setting the allow_smbd_anon_write boolean.
selinux@lists.fedoraproject.org
-
Arthur Pemberton -
Paul Howarth -
Stephen Smalley