LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   selinux restricting cvsweb from running (https://www.linuxquestions.org/questions/linux-security-4/selinux-restricting-cvsweb-from-running-632600/)

hattori.hanzo 04-02-2008 10:26 PM
selinux restricting cvsweb from running
 
I installed cvsweb but it appears selinux is preventing it from running (cvsweb.cgi).

I dropped into selinux permissive mode and then cvsweb runs without issues.

How could I excempt cvsweb from the selinux restrictions.

I am running fedora 8.

regards

unSpawn 04-03-2008 09:21 AM
There should be AVC messages logged. You can run those through audit2allow and build a local policy. This should add cvsweb rather than exempt it from being subject to the policy, you shouldn't want that on 'net facing applications unless your 'net is private and populated with only trusted users. Searching LQ or the Fedora site for "audit2allow" should show steps. If unsure, ask away.

hattori.hanzo 04-04-2008 01:04 AM
Thanks. Exactly what I was looking for.

Cheers.


All times are GMT -5. The time now is 12:48 PM.