A question about roles
David Quigley
selinux at davequigley.com
Tue Jul 5 15:52:30 UTC 2011
On Tue, 5 Jul 2011 10:38:44 -0400, wrote:
> Feel free to point me to a link that discusses this, but how *does*
> selinux decide on roles when I'm using restorecon? Does it use the
> context
> of the directory above it, or that it's in, or is there something
> else?
>
> mark
>
> --
> selinux mailing list
> selinux at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
My understanding is that restorecon uses the file contexts defined in
policy and if you look at these
/etc/selinux/policyname/contexts/files/file_contexts you will see it
defines a full context including role not just type. So the role from
restorecon and matchpathcon come from those files.
Dave
More information about the selinux
mailing list