SELinux adding new allowed samba type to access httpd_sys_content_t?
Posted
by Josh
on Server Fault
See other posts from Server Fault
or by Josh
Published on 2010-06-08T20:50:00Z
Indexed on
2010/06/08
20:53 UTC
Read the original article
Hit count: 327
allow samba_share_t httpd_sys_content_t {read execute getattr setattr write};
allow smbd_t httpd_sys_content_t {read execute getattr setattr write};
I am taking a stab in the dark with resources I've looked at, at various places that the above policies are what I want. I basically want to allow Samba to write to my web docs without giving it free access to the operating system. I read a post by a NSA rep saying the best way was defining a new type and allowing both samba and httpd access. Setting the content to public content (public_content_rw_t) does not work without making use of some unrestrictive booleans.
To state this in short, how do I allow samba to access a new type?
© Server Fault or respective owner