[CentOS] Selinux custom policy issue - Centos 5

Daniel de Kok danieldk at pobox.com
Tue Jun 12 06:12:41 UTC 2007


Hi,

On Tue, 2007-06-12 at 12:24 +1200, Miskell, Craig wrote:
> Where file_upload_store_t is one of my custom types.  My local.fc looks
> like this:
> /data/spool/blastreq(/.*)?            system_u:object_r:blast_req_t
> /data/spool/blastres(/.*)?            system_u:object_r:blast_res_t
> /data/upload(/.*)?
> system_u:object_r:file_upload_store_t
> /data/bfiles(/.*)?                    system_u:object_r:bfiles_t
> /var/www/possumbase/html/imagetemp(/.*)?
> system_u:object_r:http_image_temp_t
> /var/www/sheep/html/imagetemp(/.*)?
> system_u:object_r:http_image_temp_t
> 
> And my local.te contains (selected portions only for now):
> module local 1.1;
> 
> require {
> ...
>  <various normal requires>
> ...
> }
> type blast_req_t,file_type;
> allow httpd_sys_script_t blast_req_t:file { create getattr write};
> allow httpd_sys_script_t blast_req_t:dir { read getattr lock search
> ioctl add_name write };
> ...etc

Is file_upload_store_t defined in your local policy? E.g.:

type file_upload_store_t, file_type;

-- Daniel




More information about the CentOS mailing list