Welcome to my website. I am always posting links to photo albums, art, technology and other creations. Everything that you will see on my numerous personal sites is powered by the formVistaTM Website Management Engine.

icon.linkedin.jpgicon.twitter.jpg

  • PiHole SELinux Type Enforcement File for lighttpd for CentOS 7
    01/01/2020 8:20AM

    If you want to run PiHole on CentOS and want to run SELinux (which you should be doing), the following is the te file you can use to allow lighttpd to do its thing.

    module pihole-lighttpd-module 1.0;

    require {
            type httpd_t;
            type shadow_t;
            class file getattr;
            type unreserved_port_t;
            class capability sys_resource;
            class tcp_socket name_connect;
            class file read;
            class file open;
            class process setrlimit;
    }

    #============= httpd_t ==============
    allow httpd_t shadow_t:file getattr;
    allow httpd_t self:process setrlimit;
    allow httpd_t self:capability sys_resource;
    allow httpd_t shadow_t:file read;
    allow httpd_t shadow_t:file open;

    allow httpd_t unreserved_port_t:tcp_socket name_connect;

Advanced Search

Categories

Archives