Overriding default file contexts?
Paul Howarth
paul at city-fan.org
Mon Apr 3 07:12:59 UTC 2006
On Sat, 2006-04-01 at 15:47 -0600, Ian Pilcher wrote:
> Perhaps there's a way to do this, and I simply don't know it.
>
> I just finished manually relabeling the Acrobat Reader libraries and
> plug-ins. Of course, if I ever have to relabel my filesystem, I'll have
> to do this again.
>
> Wouldn't it be nice if I could put file in a directory, .file_contexts
> for example, give it a special context (file_context_t?) which would
> never be changed, and specify contexts that would override the policy
> default contexts.
>
> It sure seems like this could save some pain.
You can do this with semanage (FC5) rather than a separate file.
# semanage fcontext -a -t textrel_shlib_t '/path/to/acroread/lib.*'
The last parameter is a regex that matches the libraries you want to
label with textrel_shlib_t. You can use multiple semanage calls if
necessary.
Paul.
More information about the fedora-selinux-list
mailing list