restorecon works but fcontext returns back to its default

[Shintaro Fujiwara]

Thanks.
It works!

I have to remember the risk I've taken, but that was what I wanted to do.


2014-03-01 23:34 GMT+09:00 Shintaro Fujiwara <shintaro.fujiwara at gmail.com>:

> Hi.
>
> I'm working with my web server and minor trouble I'm in.
>
> I write a php script which writes to /var/www/html/javascripts directory.
> So, I added by semanage command
> # semanage fcontext -a -t httpd_sys_rw_content_t
> "/var/www/html/javascripts(/.*)?
> I checked by
> #semanage fcontext -l | grep /var/www/html
> Found what I set.
> So, I typed
> # restorecon -r -v /var/www/html
> I checked by semanage fcontext -l command again and found that the
> directory has httpd_sys_rw_content_t.
> So, I fired up php script to write a file in /var/www/html/javascripts
> Alas, audit error, and this time, semanage fcontext -l says
> /var/www/html/javascripts has an context httpd_sys_content_t.
>
> I have to restorecon every time I write file to /var/www/html/javascripts
> by php script.
>
> Why restorecon works fine at first and next time doesn't work at all?
>
> --
> 日本にヘヴィメタル・ハードロックを根付かせるページ
> http://www.heavymetalhardrock.tk/
>
> 世界中でセキュアＯＳのSELinuxを使いやすくするフリーソフト
> http://sourceforge.net/projects/segatex/
>
> CMS（PHPとPostgreSQLを使ったフリーソフト）
> http://sourceforge.net/projects/webon/
>



-- 
日本にヘヴィメタル・ハードロックを根付かせるページ
http://www.heavymetalhardrock.tk/

世界中でセキュアＯＳのSELinuxを使いやすくするフリーソフト
http://sourceforge.net/projects/segatex/

CMS（PHPとPostgreSQLを使ったフリーソフト）
http://sourceforge.net/projects/webon/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/selinux/attachments/20140304/206c7a9e/attachment.html>