[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: restorecon question

From: Eric Paris <eparis redhat com>
To: Vadym Chepkov <chepkov yahoo com>
Cc: Fedora SELinux <fedora-selinux-list redhat com>
Subject: Re: restorecon question
Date: Wed, 22 Jul 2009 15:12:39 -0400

On Wed, 2009-07-22 at 11:06 -0700, Vadym Chepkov wrote:
> Hi,
> 
> Could you explain me, please, the behavior of the restorecon utility.
> 
> I added the following in the local.fc file
> 
> # phpbb
> /var/www/phpbb/cache(/.*)?				gen_context(system_u:object_r:httpd_sys_script_rw_t,s0)
> /var/www/phpbb/files(/.*)?				gen_context(system_u:object_r:httpd_sys_script_rw_t,s0)
> 
> compiled and installed policy, seems to be in place.
> 
> # semanage fcontext -l|grep phpbb
> /var/www/phpbb/cache(/.*)?                         all files          system_u:object_r:httpd_sys_script_rw_t:s0 
> /var/www/phpbb/files(/.*)?                         all files          system_u:object_r:httpd_sys_script_rw_t:s0 
> 
> But when now I run restorecon -vR /var/www/phpbb/
> it doesn't do anything. I would expect it to changed context on two directories and files in them.

What was the context before?  Was the only difference the 'user'
portion?  I don't think restorecon bothers to reset the context if the
only thing 'wrong' is the user, since the user is not relevant to any
security operations....

Follow-Ups:
- Re: restorecon question
  - From: Vadym Chepkov

References:
- restorecon question
  - From: Vadym Chepkov

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]