informatique:linux:selinux
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
informatique:linux:selinux [2010/10/14 09:14] – pteu | informatique:linux:selinux [2013/10/14 20:44] (current) – external edit 127.0.0.1 | ||
---|---|---|---|
Line 66: | Line 66: | ||
restorecon -v < | restorecon -v < | ||
</ | </ | ||
+ | |||
+ | Les contextes **public_content_t** et **public_content_rw_t** servent pour les fichiers qui doivent être accessibles depuis plusieurs services, respectivement en lecture seule ou écriture. | ||
Les booléens déterminent si certaines règles s' | Les booléens déterminent si certaines règles s' | ||
<code bash> | <code bash> | ||
getsebool -a | grep http | getsebool -a | grep http | ||
+ | allow_httpd_anon_write --> off | ||
+ | allow_httpd_bugzilla_script_anon_write --> off | ||
+ | allow_httpd_cvs_script_anon_write --> off | ||
+ | allow_httpd_mod_auth_pam --> off | ||
+ | allow_httpd_nagios_script_anon_write --> off | ||
+ | allow_httpd_prewikka_script_anon_write --> off | ||
+ | allow_httpd_squid_script_anon_write --> off | ||
+ | allow_httpd_sys_script_anon_write --> off | ||
+ | httpd_builtin_scripting --> on | ||
+ | httpd_can_network_connect --> off | ||
+ | httpd_can_network_connect_db --> off | ||
+ | httpd_can_network_relay --> off | ||
+ | httpd_can_sendmail --> on | ||
+ | httpd_disable_trans --> off | ||
+ | httpd_enable_cgi --> on | ||
+ | httpd_enable_ftp_server --> off | ||
+ | httpd_enable_homedirs --> on | ||
+ | httpd_rotatelogs_disable_trans --> off | ||
+ | httpd_ssi_exec --> off | ||
+ | httpd_suexec_disable_trans --> off | ||
+ | httpd_tty_comm --> on | ||
+ | httpd_unified --> on | ||
+ | httpd_use_cifs --> off | ||
+ | httpd_use_nfs --> off | ||
</ | </ | ||
Line 75: | Line 101: | ||
<code bash> | <code bash> | ||
setsebool -P httpd_enable_cgi 0 | setsebool -P httpd_enable_cgi 0 | ||
+ | </ | ||
+ | De la doc... | ||
+ | <code bash> | ||
man httpd_selinux | man httpd_selinux | ||
man -k selinux | man -k selinux |
informatique/linux/selinux.1287047676.txt.gz · Last modified: 2013/10/14 20:54 (external edit)