[CentOS] rsync and selinux
Gordon Messmer
yinyang at eburg.com
Mon Jan 7 13:26:35 UTC 2013
On 01/07/2013 03:59 AM, lhecking at users.sourceforge.net wrote:
> Big mistake. Most or all services with config files under /etc could
> no longer read their config files, including ssh. It looks like the selinux
> type was substituted rather than added? Thankfully, I was able to recover.
Yes, I believe that you added a new file context rule to the
configuration, and that rule had precedence over the system policy.
Files have just one context.
> What is the correct way to give rsync full access to everything under
> selinux?
The easiest way is to use rsync over ssh, rather than rsync as a daemon.
As long as you aren't running it as a daemon, I don't believe that
it's confined.
Also, run rsync with -v to get more information about what's being
skipped and why, and run 'tail -f /var/log/audit/audit.log' while you
rsync to make sure that there aren't AVCs logged. If there aren't AVCs,
it's probably not an SELinux problem.
More information about the CentOS
mailing list