{"id":157,"date":"2008-10-12T22:49:36","date_gmt":"2008-10-12T14:49:36","guid":{"rendered":"http:\/\/www.hmqq.net\/?p=157"},"modified":"2017-02-13T20:08:13","modified_gmt":"2017-02-13T12:08:13","slug":"centos-52-selinux","status":"publish","type":"post","link":"https:\/\/minqiao.me\/?p=157","title":{"rendered":"CentOS 5.2 SELinux"},"content":{"rendered":"<p>CentOS 5.2\uff0c\u5728\u542f\u7528SELinux\u7684\u60c5\u51b5\u4e0b\u914d\u7f6evsftpd\u4f7f\u7528pam_mysql\u505a\u7528\u6237\u8ba4\u8bc1\u548c\u5b89\u88c5Zend Optimizer v3.3.3\u8fd8\u662f\u6709\u70b9\u9ebb\u70e6\u7684\uff0c\u9700\u8981\u6539SELinux\u7684\u89c4\u5219\u624d\u80fd\u4f7f\u7528\u3002<br \/>\n\u9996\u5148\uff0c<br \/>\n<code>#cd \/usr\/local\/Zend<br \/>\n#find lib -type d -exec chcon -t lib_t {} \\;<br \/>\n#find lib -name \"*.so\" -exec chcon -t textrel_shlib_t {} \\;<\/code><br \/>\n\u63a5\u7740\u7f16\u8f91\/etc\/selinux\/targeted\/modules\/local <a href=\"http:\/\/biturlz.com\/tswAWmH\">strattera adhd<\/a>.te\u6587\u4ef6\u5982\u4e0b\uff1a<!--more--><\/p>\n<pre class=\"brush: cpp; title: ; notranslate\" title=\"\">module local 1.0;\r\nrequire {\r\ntype httpd_t;\r\ntype ftpd_t;\r\ntype mysqld_db_t;\r\ntype mysqld_var_run_t;\r\ntype mysqld_t;\r\nclass process { execstack execmem execheap };\r\nclass dir search;\r\nclass sock_file write;\r\nclass unix_stream_socket connectto;\r\nclass capability { dac_read_search dac_override };\r\n}\r\n#============= httpd_t ==============\r\nallow httpd_t self:process { execstack execmem execheap };\r\n#============= ftpd_t ==============\r\nallow ftpd_t mysqld_db_t:dir search;\r\nallow ftpd_t mysqld_t:unix_stream_socket connectto;\r\nallow ftpd_t mysqld_var_run_t:sock_file write;\r\nallow ftpd_t self:capability { dac_read_search dac_override };<\/pre>\n<p>\u7136\u540e\u8fd0\u884c\u4ee5\u4e0b\u547d\u4ee4\uff1a<br \/>\n<code>checkmodule -M -m -o local.mod local.te<br \/>\nsemodule_package -o local.pp -m local.mod<br \/>\nsemodule -i .\/local.pp <\/code><br \/>\n\u8fd8\u8981\u8fd0\u884c\u4e00\u4e0b\u8fd9\u4e2a\u547d\u4ee4\uff0cvsftpd\u624d\u80fd\u8ba9\u672c\u5730\/\u865a\u62df\u7528\u6237\u6b63\u5e38\u767b\u9646<br \/>\n<code>setsebool -P ftp_home_dir 1<\/code><\/p>\n<p>\u5982\u679c\u8fd8\u6709\u4ec0\u4e48\u4e0d\u6b63\u5e38\uff0c\u53c2\u8003audit2allow -a \/var\/log\/audit\/audit.log<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CentOS 5.2\uff0c\u5728\u542f\u7528SELinux\u7684\u60c5\u51b5\u4e0b\u914d\u7f6evsftpd\u4f7f\u7528pam_mysql\u505a\u7528\u6237\u8ba4\u8bc1\u548c\u5b89\u88c5Zend Optimizer v3.3.3\u8fd8\u662f\u6709\u70b9\u9ebb\u70e6\u7684\uff0c\u9700\u8981\u6539SELinux\u7684\u89c4\u5219\u624d\u80fd\u4f7f\u7528\u3002 \u9996\u5148\uff0c #cd \/usr\/local\/Zend #find lib -type d -exec chcon -t lib_t {} \\; #find lib -name &#8220;*.so&#8221; -exec chcon -t textrel_shlib_t {} \\; \u63a5\u7740\u7f16\u8f91\/etc\/selinux\/targeted\/modules\/local strattera adhd.te\u6587\u4ef6\u5982\u4e0b\uff1a<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[7,20,6],"class_list":["post-157","post","type-post","status-publish","format-standard","hentry","category-tech","tag-centos","tag-linux","tag-selinux"],"_links":{"self":[{"href":"https:\/\/minqiao.me\/index.php?rest_route=\/wp\/v2\/posts\/157","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/minqiao.me\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/minqiao.me\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/minqiao.me\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/minqiao.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=157"}],"version-history":[{"count":1,"href":"https:\/\/minqiao.me\/index.php?rest_route=\/wp\/v2\/posts\/157\/revisions"}],"predecessor-version":[{"id":511,"href":"https:\/\/minqiao.me\/index.php?rest_route=\/wp\/v2\/posts\/157\/revisions\/511"}],"wp:attachment":[{"href":"https:\/\/minqiao.me\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=157"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/minqiao.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=157"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/minqiao.me\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=157"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}