home | list info | list archive | date index | thread index

Re: [OCLUG-Tech] SELinux in RPM and targeted mode

Apparently should be in Centos RPM since last Dec. [1]   But I sympathize
with all those that like to do a tar.gz install and run configure and make
themselves. Perhaps upstream hold maintainer should add install target -
chcon

If it's not already there, or check.

With targeted enforce per daemon, and there is a boolean for if files from
users and htdocs paths, by default get execute privileges.

That is in addition to the mention file Type enforcement.   Does anyone
know which has precedence or if they both allow it?

- Allan


[1]
http://pkgs.org/centos-5/epel-i386/dokuwiki-0-0.24.20140929c.el5.noarch.rpm.html

On Wednesday, Changelog
[..]

2014-12-26 - Adam Tkac <vonsch [ at ] gmail [ dot ] com> - 0.0.23.20140929b
- update to the latest upstream
- drop requirement of httpd (#1164396)
- fix SELinux file contexts (#1064524)

April 22, 2015, Allan Fields <allan [ dot ] fields [ at ] gmail [ dot ] com> wrote:
> With discussion on the SE/Linux and restoring file context on site PHP
files when in enforcing mode..
>
> One thing I couldn't help thinking and tempted to comment on is: the
admin should not have to do that by default, when you have a properly
package RPM file.
>
> Did you try from the RPM?
>
> I was not privy of Docuwiki install is by tarball or RPM.
[..]
>
> [2] Centos 6 rpm package: docuwiki
>
>
http://rpm.pbone.net/index.php3/stat/4/idpl/23718441/dir/centos_6/com/dokuwiki-2011.05.25a-10.3.noarch.rpm.html
>
>
> Thanks,
> Allan ("Out Here") Fields
>