[CentOS] selinux problem policies
Günther J. Niederwimmer
gjn at gjn.priv.atSun Apr 30 14:03:12 UTC 2017
- Previous message: [CentOS] Getting to Mate or Xfce
- Next message: [CentOS] selinux problem policies
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello,
My problem is to add selinux policies
can any help to say what is wrong with my policies
I write this!
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html(/.*)?/
typo3conf(/.*)?"
I have more instances from typo3
I found this construct in the selinux policies
"/var/www/html(/.*)?/uploads(/.*)?"
but my is not working ?
and I have only errors?
neverallow check failed at /etc/selinux/targeted/tmp/modules/100/selinuxutil/
cil:244
(neverallow selinuxutil_typeattr_1 semanage_store_t (file (relabelto)))
<root>
allow at /etc/selinux/targeted/tmp/modules/100/selinuxutil/cil:675
(allow restorecond_t non_auth_file_type (file (getattr relabelfrom
relabelto)))
<root>
allow at /etc/selinux/targeted/tmp/modules/100/systemd/cil:1108
(allow systemd_tmpfiles_t non_auth_file_type (file (getattr relabelfrom
relabelto)))
neverallow check failed at /etc/selinux/targeted/tmp/modules/100/base/cil:
13121
(neverallow base_typeattr_18 scsi_generic_device_t (blk_file (read)))
<root>
allow at /etc/selinux/targeted/tmp/modules/100/munin/cil:581
(allow disk_munin_plugin_t device_node (blk_file (ioctl read getattr lock
open)))
.........
or is a other way to include policies better ?
--
mit freundlichen Grüssen / best regards
Günther J. Niederwimmer
- Previous message: [CentOS] Getting to Mate or Xfce
- Next message: [CentOS] selinux problem policies
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list