default and new file contexts
Daniel J Walsh
dwalsh at redhat.com
Tue Mar 26 14:33:59 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 03/25/2013 01:56 PM, m.roth at 5-cent.us wrote:
> Daniel J Walsh wrote:
>> On 03/25/2013 10:13 AM, m.roth at 5-cent.us wrote:
>>> We've got a scratch directory; in it, any user can write. I've gotten
>>> complaints of unlabled, and I found and set them to default_t.
>>>
>>> Here's the question: if I use semanage to set one of the user
>>> subdirectories to, say, default_t, and they try to copy a file that
>>> already has a valid context, would that context be changed to
>>> default_t, or would it retain its existing context?
>>>
>> If it is shared by users I would label it something like user_home_t.
>>
>> cp command adopts the label of the destination parent directory or file
>> (Most of the time).
>>
>> mv command maintains the label of the source.
>
> But if, after this, I do a restorecon, or fixfiles, or autorelabel, will
> that change all of them?
>
> mark
>
Yes. Unless the file is listed in customizable_types,
/etc/selinux/targeted/contexts/customizable_types
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlFRsdYACgkQrlYvE4MpobO41QCeMwHLe+NTidY88Bi+1sFZpB7/
K7IAoK+5aUXvXIdQ9GFKxNOfTAk7YUja
=60uI
-----END PGP SIGNATURE-----
More information about the selinux
mailing list