What is special about /home?

Forrest Taylor ftaylor at redhat.com
Fri Apr 27 15:34:49 UTC 2007


On Fri, 2007-04-27 at 11:17 -0400, Stephen Smalley wrote:
> On Fri, 2007-04-27 at 08:39 -0600, Forrest Taylor wrote:
> > On Thu, 2007-04-26 at 16:30 -0600, Forrest Taylor wrote:
> > > I have a .fc file that contains:
> > > /home/dir(/.*)? system_u:object_r:tmp_t:s0
> > > 
> > > When I create the directory, it gets user_home_dir_t and files in the
> > > directory get user_home_t.  After I load the module, restorecon will not
> > > change the permissions on the directory or files.  So, what is special
> > > about those types?  I thought at first that they may be customizable
> > > types, but they aren't listed in the file.  semanage fcontext doesn't
> > > show them either.  Any clues?
> > 
> > I forgot to mention that I am using RHEL 5.0.0.
> 
> There is an ordering/precedence among the different kinds of file
> contexts configurations, with the base file_contexts generated from the
> module .fc files at the lowest priority, the file_contexts.homedirs file
> generated by genhomedircon as the next priority, and the
> file_contexts.local file as the highest priority.
> 
> So a module .fc file can be overridden by the genhomedircon-generated
> entries or by the local file contexts added via semanage fcontext -a.
> Sounds like you should be using semanage fcontext -a for this instead of
> a module.

Yes, yes it does.  Thanks for the explanation.

Forrest
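
The precedence described in the quoted reply, as an added example that is not part of the original thread: a simplified Python model (not libselinux's actual matching code) that consults the three sources from highest to lowest priority. The homedirs entries and the SELinux user field are constructed for illustration, and taking the last matching entry within one file is an assumption of this model.

```python
import re

# Lowest to highest priority, as described in the reply above.
PRIORITY = ["file_contexts", "file_contexts.homedirs", "file_contexts.local"]


def parse(text):
    """Parse 'regex [-type] context' lines into (compiled, ftype, context)."""
    specs = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        if len(fields) not in (2, 3):
            raise ValueError("malformed file context line: %r" % line)
        # '-d' means directory, '--' regular file; no type field matches any.
        ftype = fields[1][1:] if len(fields) == 3 else None
        specs.append((re.compile(fields[0]), ftype, fields[-1]))
    return specs


def lookup(configs, path, ftype="-"):
    """Return (source, context) from the highest-priority source that matches."""
    for name in reversed(PRIORITY):
        for regex, want, context in reversed(configs.get(name, [])):
            if want in (None, ftype) and regex.fullmatch(path):
                return name, context
    return None, None


# Entry from the module .fc file quoted in the thread.
BASE = "/home/dir(/.*)?  system_u:object_r:tmp_t:s0\n"
# Constructed stand-ins for genhomedircon output (not copied from a real system).
HOMEDIRS = (
    "/home/[^/]*     -d  system_u:object_r:user_home_dir_t:s0\n"
    "/home/[^/]*/.+      system_u:object_r:user_home_t:s0\n"
)
# What a local entry for the same path would look like.
LOCAL = "/home/dir(/.*)?  system_u:object_r:tmp_t:s0\n"

before = {"file_contexts": parse(BASE), "file_contexts.homedirs": parse(HOMEDIRS)}
after = dict(before, **{"file_contexts.local": parse(LOCAL)})

if __name__ == "__main__":
    for label, cfg in (("module only", before), ("with local entry", after)):
        print(label, lookup(cfg, "/home/dir", "d"), lookup(cfg, "/home/dir/file"))
```

On a real system the local entry is added with `semanage fcontext -a -t tmp_t '/home/dir(/.*)?'` and applied with `restorecon -R /home/dir`.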