-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 04/18/2013 02:58 PM, m.roth(a)5-cent.us wrote:
Daniel J Walsh wrote:
> On 04/18/2013 10:31 AM, m.roth(a)5-cent.us wrote:
>> David Quigley wrote:
>>> On 04/18/2013 10:12, m.roth(a)5-cent.us wrote:
>>>> David Quigley wrote:
<snip>
>>>> ? And why doesn't semanage have a was to set -t u?
>>>
>>> I'm not sure I understand your last question. Also I'm trying not to
<snip>
>> And the second note - if there's a syntax for semanage that lets me
change user context, I don't see it - the -s doesn't seem to let me do, for
example, -s system_u.
>>
> Please explain what you are trying to do? Change a logged in user
> context?
Nahhh.... Working on a new system, to replace an older one, and my
manager's copied some stuff, and either on the original system, or the
copy, don't know why, but the base of the directory tree we use for
websites came out as unconfined_u, and I was changing it to system_u. I've
run into that before, though, and want to make a change that will stick,
and result in new files being created with the correct context.
mark
-- selinux mailing list selinux(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
Well for the most part you should not care. We do not enforce on SELinux
User, unless you are using a different policy.
unconfined_u means that the file was created by a user running as
unconfined_u. system_u means it was created by a system_u process or at
install time.
chcon -u system_u -R PATH
Would change all files under PATH to system_u.
restorecon ignores the user field unless you specify -F
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird -
http://www.enigmail.net/
iEYEARECAAYFAlFwRoEACgkQrlYvE4MpobPB6wCgmaWuaaKyErFU4LyQFVgCfTIP
9S8An2MVGyv1i+e/LJ7inGTk3gzJIqWH
=+Xrl
-----END PGP SIGNATURE-----