Hello, On Sonntag, 30. April 2017 18:40:23 CEST Gordon Messmer wrote:> On 04/30/2017 07:03 AM, G?nther J. Niederwimmer wrote: > > I write this! > > > > semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html(/.*)?/ > > typo3conf(/.*)?" > > OK. Did you get an error?I have only Errors ;-). when I like to set this Rule ? semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html(/.*)?/ typo3conf(/.*)?" This Errors are displayd ? neverallow check failed at /etc/selinux/targeted/tmp/modules/100/selinuxutil/ cil:244 (neverallow selinuxutil_typeattr_1 semanage_store_t (file (relabelto))) <root> allow at /etc/selinux/targeted/tmp/modules/100/selinuxutil/cil:675 (allow restorecond_t non_auth_file_type (file (getattr relabelfrom relabelto))) <root> allow at /etc/selinux/targeted/tmp/modules/100/systemd/cil:1108 (allow systemd_tmpfiles_t non_auth_file_type (file (getattr relabelfrom relabelto))) But the Rule are not added/set ?> > I have more instances from typo3 > > I found this construct in the selinux policies > > "/var/www/html(/.*)?/uploads(/.*)?" > > > > but my is not working ? > > Can you be specific about what "not working" means? Did you get an > error from the semanage command? Are files not labeled correctly? > > After setting context rules, you can "restorecon -R -v /var/www/html/" > to fix the labels of any existing files. You can see their current > labels using "ls -lZ /var/www/html". > > > and I have only errors? > > > > neverallow check failed at > > /etc/selinux/targeted/tmp/modules/100/selinuxutil/ cil:244 > > When do you see that error? > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos-- mit freundlichen Gr?ssen / best regards G?nther J. Niederwimmer
On 04/30/2017 07:24 PM, G?nther J. Niederwimmer wrote:> when I like to set this Rule ? > semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html(/.*)?/ > typo3conf(/.*)?" > > This Errors are displayd ? > neverallow check failed at /etc/selinux/targeted/tmp/modules/100/selinuxutil/ > cil:244I see, now. What happens if you run "find /etc/selinux/targeted/tmp"? I'm not sure if you're getting an error because a tmp file was left behind earlier, or because something is wrong with the command you're running.
Hello, Thanks for the Help! On Montag, 1. Mai 2017 04:47:21 CEST Gordon Messmer wrote:> On 04/30/2017 07:24 PM, G?nther J. Niederwimmer wrote: > > when I like to set this Rule ? > > semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html(/.*)?/ > > typo3conf(/.*)?" > > > > This Errors are displayd ? > > neverallow check failed at > > /etc/selinux/targeted/tmp/modules/100/selinuxutil/ cil:244 > > I see, now. What happens if you run "find /etc/selinux/targeted/tmp"? > I'm not sure if you're getting an error because a tmp file was left > behind earlier, or because something is wrong with the command you're > running.nothing ? but now I have make a new installation from the server and the rule is working without errors and is installed ?? semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html(/.*)?/ typo3conf(/.*)?" -- mit freundlichen Gr?ssen / best regards G?nther J. Niederwimmer