Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   CentOS (http://www.linux-archive.org/centos/)
-   -   SELinux - different context on subdirectories (http://www.linux-archive.org/centos/266165-selinux-different-context-subdirectories.html)

Marcus Moeller 03-19-2009 12:47 PM

SELinux - different context on subdirectories
 
Hi all,

I have created a directory /srv with the following SELinux context:

system_u:object_r:var_t

Now I want to create a subdirectory within /srv which should get a
different context. So I tried to set e.g.:

semanage fcontext -a -t samba_share_t /srv/samba
/sbin/restorecon -v /srv/samba

but the context is always reset to:

system_u:object_r:var_t

What am I missing?

Best Regards
Marcus
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Ned Slider 03-19-2009 01:35 PM

SELinux - different context on subdirectories
 
Marcus Moeller wrote:
> Hi all,
>
> I have created a directory /srv with the following SELinux context:
>
> system_u:object_r:var_t
>
> Now I want to create a subdirectory within /srv which should get a
> different context. So I tried to set e.g.:
>
> semanage fcontext -a -t samba_share_t /srv/samba
> /sbin/restorecon -v /srv/samba
>
> but the context is always reset to:
>
> system_u:object_r:var_t
>
> What am I missing?
>

Hi Marcus,

Try the following:

semanage fcontext -a -t samba_share_t "/srv/samba(/.*)?"


Ned

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Ned Slider 03-19-2009 01:41 PM

SELinux - different context on subdirectories
 
Ned Slider wrote:
> Marcus Moeller wrote:
>> Hi all,
>>
>> I have created a directory /srv with the following SELinux context:
>>
>> system_u:object_r:var_t
>>
>> Now I want to create a subdirectory within /srv which should get a
>> different context. So I tried to set e.g.:
>>
>> semanage fcontext -a -t samba_share_t /srv/samba
>> /sbin/restorecon -v /srv/samba
>>
>> but the context is always reset to:
>>
>> system_u:object_r:var_t
>>
>> What am I missing?
>>
>
> Hi Marcus,
>
> Try the following:
>
> semanage fcontext -a -t samba_share_t "/srv/samba(/.*)?"
>
>
> Ned
>


You may also need to manually change the context first:

chcon -v --type=samba_share_t /srv/samba




_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Marcus Moeller 03-19-2009 01:44 PM

SELinux - different context on subdirectories
 
Dear Ned.

>
> You may also need to manually change the context first:
>
> chcon -v --type=samba_share_t /srv/samba

chcon did the trick.

Thanks a lot
Marcus
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Ned Slider 03-19-2009 01:48 PM

SELinux - different context on subdirectories
 
Marcus Moeller wrote:
> Dear Ned.
>
>> You may also need to manually change the context first:
>>
>> chcon -v --type=samba_share_t /srv/samba
>
> chcon did the trick.
>
> Thanks a lot
> Marcus

semanage will make the changes persistent through a complete filesystem
relabel (chcon will persist through a reboot, but not a relabel).

Cheers,

Ned


_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


All times are GMT. The time now is 07:11 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.