Relabeling question
Tony Molloy
tony.molloy at ul.ie
Fri Jun 29 14:13:58 UTC 2007
On Friday 29 June 2007 13:39, Anthony Messina wrote:
> On Friday 29 June 2007 03:41:37 am Tony Molloy wrote:
> > On Thursday 28 June 2007 12:23, Anthony Messina wrote:
> > > On Thursday 28 June 2007 03:55:15 am Tony Molloy wrote:
> > > > I have a filesystem which I need to make available under ftp ( vsftpd
> > > > ) httpd ( apache ) and NFS. It contains our local mirrors.
> > > >
> > > > What should the permissions and the SELInux context be on the
> > > > filesystem and how can I relabel it so that it can be available under
> > > > all three.
> > > >
> > > > The current permissions/SELinux context are
> > > >
> > > > drwxr-xr-x root root system_u:object_r:default_t mirrors
> > > >
> > > > and I want something like
> > > >
> > > > drwxr-xr-x root root root:object_r:public_content_t TEST
> > >
> > > you do want the public_content_t (or perhaps the public_content_rw_t if
> > > it's not read only).
> >
> > This is a read only mirror site so public_content_t should be enough.
> > How do I do that.
>
> to change the context of files, you can use the chcon utility. man chcon.
> it should be something like:
>
> "chcon -R -t public_content_t TEST"
>
> which will recursively relabel TEST directory everything under it with the
> right context.
>
> you should also create a file
> as /etc/selinux/targeted/contexts/files/file_contexts.local
> which contains a line like
>
> /TEST(/.*)? system_u:object_r:public_content_rw_t:s0
>
> that way, that directory will have a "default" context
Thanks, I'll give that a try. I'm doing a install on that server at the
moment.
Tony
More information about the fedora-selinux-list
mailing list