rsync_selinux - phpMan

Command: man perldoc info search(apropos)  

rsync_selinux(8)      rsync Selinux Policy documentation      rsync_selinux(8)



NAME
       rsync_selinux - Security Enhanced Linux Policy for the rsync daemon

DESCRIPTION
       Security-Enhanced Linux secures the rsync server via flexible mandatory access con-
       trol.

FILE_CONTEXTS
       SELinux requires files to have an extended attribute to define the file type.  Pol-
       icy  governs  the  access  daemons have to these files.  If you want to share files
       using the rsync daemon, you must label the files and directories  public_content_t.
       So  if  you  created  a  special  directory /var/rsync, you would need to label the
       directory with the chcon tool.

       chcon -t public_content_t /var/rsync

       If you want to make this permanant, i.e. survive a relabel, you must add  an  entry
       to the file_contexts.local file.

       /etc/selinux/POLICYTYPE/contexts/files/file_contexts.local
              /var/rsync(/.*)? system_u:object_r:public_content_t


SHARING FILES
       If you want to share files with multiple domains (Apache, FTP, rsync,  Samba),  you
       can  set a file context of public_content_t and public_content_rw_t.  These context
       allow any of the above domains to read the  content.   If  you  want  a  particular
       domain  to  write  to  the public_content_rw_t domain, you must set the appropriate
       boolean.  allow_DOMAIN_anon_write.  So for rsync you would execute:

       setsebool -P allow_rsync_anon_write=1



BOOLEANS
       You can disable SELinux protection for the rsync daemon by executing:

       setsebool -P rsync_disable_trans 1
              service xinetd restart

       system-config-securitylevel is a GUI tool available  to  customize  SELinux  policy
       settings.

AUTHOR
       This manual page was written by Dan Walsh <dwalsh AT redhat.com>.


SEE ALSO
       selinux(8), rsync(1), chcon(1), setsebool(8)



dwalsh AT redhat.com                 17 Jan 2005                 rsync_selinux(8)

Generated by $Id: phpMan.php,v 4.55 2007/09/05 04:42:51 chedong Exp $ Author: Che Dong
On Apache/1.3.41 (Unix) PHP/5.2.5 mod_perl/1.30 mod_gzip/1.3.26.1a
Under GNU General Public License
2009-01-10 10:13 @38.103.63.58 CrawledBy CCBot/1.0 (+http://www.commoncrawl.org/bot.html)
Valid XHTML 1.0!Valid CSS!