On Tuesday 02 March 2010 11:49:51 Dirk H. Schulz wrote:
> Hi folks,
> I want my web users to use vsftpd for populating their web space.
> And I want SElinux to have an eye on everything there. But my problem is:
> For vsftpd to work I need the following context on the web directories:
> For httpd to work I need the following context on the web directories:
> How can I achieve to let SElinux both daemons work on the same web
>From the httpd_selinux man page
If you want to share files with multiple domains (Apache, FTP, rsync,
Samba), you can set a file context of public_content_t and public_con-
tent_rw_t. These context allow any of the above domains to read the
content. If you want a particular domain to write to the public_con-
tent_rw_t domain, you must set the appropriate boolean.
allow_DOMAIN_anon_write. So for httpd you would execute:
setsebool -P allow_httpd_anon_write=1
setsebool -P allow_httpd_sys_script_anon_write=1
See also ftpd_selinux.
> I am not very deep into SElinux by now, so please bear with me. I have
> googled for this particular problem, but found nothing.
> Any hint or help or url of a howto is appreciated.
> selinux mailing list
Chief Technical Officer. Tel: +353 061-202778
Dept. of Comp. Sci.
University of Limerick.
selinux mailing list