[lug] SElinux for multiple apache authors
D. Stimits
stimits at comcast.net
Wed Oct 24 18:04:21 MDT 2007
I'm curious about something...I've set up an apache system that uses
SElinux on CentOS. I've tried to add permission for a couple of other
users to edit content, and sometimes it works, sometimes it requires
re-running chcon. Some file types seem to inherit ok, such as plain html
files, but others (notably some variations on packages such as a .tgz,
but not on all) require re-running chcon on them as root (since CentOS
has the role for editing such things for root).
So my question is this...what is the proper way to let trusted authors
directly edit apache's directory tree? Do I somehow add their names to
the role of apache? Do I add sudo to allow them to chcon recursively to
the web root? Or some other method?
D. Stimits, stimits AT comcast DOT net
More information about the LUG
mailing list