[CentOS] SELinux and access across 'similar types'

Ljubomir Ljubojevic office at plnet.rs
Sun Jan 8 15:28:30 UTC 2012

On 01/08/2012 03:15 PM, Bennett Haselton wrote:
> It's a file created by one of my CGI scripts.  (The web server is
> accessed by several hostnames which are dynamically assigned to it, and
> I need a quick way of determining all hostnames that were recently used
> to access the server.  So when someone accesses the server using
> HOSTNAME, the file /tmp/hostname_<hostname>  is created.  Then another
> script just pulls the names of all of those files in order to find all
> recently used hostnames.)
>> My suggestion:
>> stop apache
>> run relabeling again (if file continues to exists)
>> start apache
>> check
> Well when I was doing the relabeling I was doing:
> # touch /.autorelabel
> # reboot
> So when I'm rebooting apache stops and starts anyway, doesn't it?
> Doesn't the auto-relabel occur before other services are started up?  So
> I'm not sure what I would actually do differently to follow this
> suggestion...

Ah, you are write, sorry. Well you might need to apply proper (httpd_) 
SELinux label for that file. At the time of creation? \
Maybe move it to another location where it will get automatic label for 
what you want?

I am no SELinux expert, so I might be rambling.


Ljubomir Ljubojevic
(Love is in the Air)
PL Computers
Serbia, Europe

Google is the Mother, Google is the Father, and traceroute is your
trusty Spiderman...
StarOS, Mikrotik and CentOS/RHEL/Linux consultant

More information about the CentOS mailing list