FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora SELinux Support

 
 
LinkBack Thread Tools
 
Old 07-05-2011, 02:38 PM
 
Default A question about roles

Feel free to point me to a link that discusses this, but how *does*
selinux decide on roles when I'm using restorecon? Does it use the context
of the directory above it, or that it's in, or is there something else?

mark

--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
 
Old 07-05-2011, 03:52 PM
David Quigley
 
Default A question about roles

On Tue, 5 Jul 2011 10:38:44 -0400, wrote:
> Feel free to point me to a link that discusses this, but how *does*
> selinux decide on roles when I'm using restorecon? Does it use the
> context
> of the directory above it, or that it's in, or is there something
> else?
>
> mark
>
> --
> selinux mailing list
> selinux@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux

My understanding is that restorecon uses the file contexts defined in
policy and if you look at these
/etc/selinux/policyname/contexts/files/file_contexts you will see it
defines a full context including role not just type. So the role from
restorecon and matchpathcon come from those files.

Dave
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
 

Thread Tools




All times are GMT. The time now is 08:52 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org