priority between file context rules
Dominick Grift
dominick.grift at gmail.com
Mon Nov 18 14:28:08 UTC 2013
On Mon, 2013-11-18 at 15:22 +0100, Vidalie Hervé wrote:
> I would like to set a default type on /WEBS and his subfolders:
> semanage fcontext -a -t httpd_sys_content_t '/WEBS(/.*)?'
> restorecon -Rv /WEBS*
> However, this command sets the type httpd_sys_content_t recursively on everything in /WEBS
> What is the priority between file context rules? I thought more precise rules will prevail on others.
I can't answer your last question since i was under the same impression
but:
You can use:
semanage fcontext -m -t httpd_sys_content_t -f -d '/WEBS(/.*)?'
To modify the spec to make it apply to directories only (note the -f -d)
More information about the selinux
mailing list