Re: semanage, how do I hate thee...

On Thu, 2013-10-17 at 14:13 -0400, m.roth(a)5-cent.us wrote: > Now that the US gov't is back, and so am I.... > > I'm trying to fix a server that was rebooted, and obviously a bunch of > stuff had the wrong context for some reason (I didn't set it up...) > > However: semanage fcontext -a -t httpd_sys_script_t > "/<pathtowebsite>/<website>/cgi-bin/(.*)?" /usr/sbin/semanage: Type > httpd_sys_script_t is invalid, must be a file or device type > > The same when I try semanage fcontext -a -t httpd_sys_script_t > "/<pathtowebsite>/<website>/cgi-bin/(.*)?.cgi" > > There are subdirectories, and other stuff, and I really want to change > the context only on what I want. However, that error message is utterly > and completely useless and meaningless. > > So: what do I need to do to fix the contexts? > > mark > httpd_sys_script_t is a process type, you are not allowed to label files with process types: semanage fcontext -a -t httpd_sys_script_exec_t "/<pathtowebsite>/<website>/cgi-bin/.*\.cgi" > > -- selinux mailing list selinux(a)lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/selinux \ -- selinux mailing list selinux(a)lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlJhIbwACgkQrlYvE4MpobOH/QCg45GTjmG3aUTccfIA6/bCtz4C IdYAn27UeQi/+LtykX/94dk0XQErbEDg =qyiD -----END PGP SIGNATURE-----