Discussion:
Trying again: why am I getting denials in a directory that has been labeled..
mark
2018-06-29 20:15:33 UTC
Permalink
As Lukas suggested, I tried to relabel the file. It didn't work, and the
reason is this: we have the web under our own root directory, not under
/var/www. We had done an semanage fcontext -e /var/www <ourpath>. When I
tried to relabel, it suggested I try to relabel using the /var/www path,
which won't work.

Is there any way around this?

/<ourpath>/htdocs/<website>/cgi-bin/data/<the probelematic file>

mark
_______________________________________________
selinux mailing list -- ***@lists.fedoraproject.org
To unsubscribe send an email to selinux-***@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/***@lists.fedoraproject.org/message/OY44G67IIGE3VF
Lukas Vrabec
2018-06-30 09:22:43 UTC
Permalink
Post by mark
As Lukas suggested, I tried to relabel the file. It didn't work, and the
reason is this: we have the web under our own root directory, not under
/var/www. We had done an semanage fcontext -e /var/www <ourpath>. When I
tried to relabel, it suggested I try to relabel using the /var/www path,
which won't work.
Is there any way around this?
/<ourpath>/htdocs/<website>/cgi-bin/data/<the probelematic file>
mark
Hi,

Could you attach complete outputs from semanage/ls (-Z)/ matchpathcon
commands? I would like to reproduce it to help you find issue.

Lukas.

_______________________________________________
Post by mark
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
--
Lukas Vrabec
Software Engineer, Security Technologies
Red Hat, Inc.
Continue reading on narkive:
Loading...