[CentOS] How to set selinux policy "allow httpd_t unconfined_t:shm { unix_read unix_write }; " using an seboolean? (How to get a new seboolean?)

3 Jun 2011


      Hi.  I'm trying to get OTRS running on CentOS 5.5 with SELinux enabled,
and audit.log / audit2allow tell me I need to add the local policy:
#============= httpd_t ==============
allow httpd_t unconfined_t:shm { unix_read unix_write };
which I think will allow the httpd access to read and write from shared memory?
Is that right?  What are the risks involved in opening this?  I notice it is
denied by the default policy.
To simplify configuration management, I would prefer to make this setting
using /usr/sbin/setseebool, but I don't see an sebool that deals with shm...
How do I request one?  (And whom do I ask?)
Thanks,
-at

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

[CentOS] How to set selinux policy "allow httpd_t unconfined_t:shm { unix_read unix_write }; " using an seboolean? (How to get a new seboolean?)