Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Fedora SELinux Support (http://www.linux-archive.org/fedora-selinux-support/)
-   -   trying to set a context (http://www.linux-archive.org/fedora-selinux-support/694719-trying-set-context.html)

08-16-2012 07:34 PM

trying to set a context
 
Y'know, I know I'm asking for help, but I am so bloody frustrated that I
want to give an example of why most admins I know *loathe* selinux.

chcon doesn't last through reboots. Why? Or why have it?
semanage doesn't offer the most obvious flag: -R, recurse.

I've just restored a subversion repository from backup, after a drive
failed. Now I'm trying to set the context. I'm trying to follow Dan's
instructions in his blog
<http://danwalsh.livejournal.com/28027.html?thread=197755>

semanage fcontext -a -t httpd_sys_content_t 'mipav-svn/(*)'
/etc/selinux/targeted/contexts/files/file_contexts.local: line 5 has
invalid regex mipav-svn/(*): Invalid preceding regular expression

Huh? Ditto without the parens. Nothing's changed. I went back and used
chcon -R, which operates the way I expect a *Nix command to, so that
selinux would shut up. But I want this permanent, so what's the magical
incantation? Do I have the wrong keyboard? Or light a candle?

mark

--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux

Daniel J Walsh 08-16-2012 08:08 PM

trying to set a context
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/16/2012 03:34 PM, m.roth@5-cent.us wrote:
> Y'know, I know I'm asking for help, but I am so bloody frustrated that I
> want to give an example of why most admins I know *loathe* selinux.
>
> chcon doesn't last through reboots. Why? Or why have it? semanage doesn't
> offer the most obvious flag: -R, recurse.
>
> I've just restored a subversion repository from backup, after a drive
> failed. Now I'm trying to set the context. I'm trying to follow Dan's
> instructions in his blog
> <http://danwalsh.livejournal.com/28027.html?thread=197755>
>
> semanage fcontext -a -t httpd_sys_content_t 'mipav-svn/(*)'
> /etc/selinux/targeted/contexts/files/file_contexts.local: line 5 has
> invalid regex mipav-svn/(*): Invalid preceding regular expression
>
> Huh? Ditto without the parens. Nothing's changed. I went back and used
> chcon -R, which operates the way I expect a *Nix command to, so that
> selinux would shut up. But I want this permanent, so what's the magical
> incantation? Do I have the wrong keyboard? Or light a candle?
>
> mark
>

You are confusing Glob format that the shell uses with regular expressions
that grep and awk use.

semanage fcontext -a -t httpd_sys_content_t '/mipav-svn(/.*)?'



> -- selinux mailing list selinux@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
>
>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAlAtUz0ACgkQrlYvE4MpobO2LQCg07Y+B9HkHp 9RvobaFSgWf52M
Q2sAn2t3lBj2vwcqzaPRglJxNBSbR9hd
=VF6J
-----END PGP SIGNATURE-----
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux


All times are GMT. The time now is 03:28 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.