First crack at argparse parser for semanage.

[Daniel J Walsh]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/18/2013 02:58 PM, m.roth at 5-cent.us wrote:
> Daniel J Walsh wrote:
>> On 04/18/2013 10:31 AM, m.roth at 5-cent.us wrote:
>>> David Quigley wrote:
>>>> On 04/18/2013 10:12, m.roth at 5-cent.us wrote:
>>>>> David Quigley wrote:
> <snip>
>>>>> ? And why doesn't semanage have a was to set -t u?
>>>> 
>>>> I'm not sure I understand your last question. Also I'm trying not to
> <snip>
>>> And the second note - if there's a syntax for semanage that lets me
> change user context, I don't see it - the -s doesn't seem to let me do, for
> example, -s system_u.
>>> 
>> Please explain what you are trying to do?  Change a logged in user
>> context?
> 
> Nahhh.... Working on a new system, to replace an older one, and my 
> manager's copied some stuff, and either on the original system, or the 
> copy, don't know why, but the base of the directory tree we use for 
> websites came out as unconfined_u, and I was changing it to system_u. I've 
> run into that before, though, and want to make a change that will stick, 
> and result in new files being created with the correct context.
> 
> mark
> 
> 
> 
> -- selinux mailing list selinux at lists.fedoraproject.org 
> https://admin.fedoraproject.org/mailman/listinfo/selinux
> 
> 
Well for the most part you should not care.  We do not enforce on SELinux
User, unless you are using a different policy.

unconfined_u means that the file was created by a user running as
unconfined_u.  system_u means it was created by a system_u process or at
install time.

chcon -u system_u -R PATH
Would change all files under PATH to system_u.

restorecon ignores the user field unless you specify -F


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlFwRoEACgkQrlYvE4MpobPB6wCgmaWuaaKyErFU4LyQFVgCfTIP
9S8An2MVGyv1i+e/LJ7inGTk3gzJIqWH
=+Xrl
-----END PGP SIGNATURE-----