restorecond not expanding ~
Daniel J Walsh
dwalsh at redhat.com
Tue Nov 20 21:55:41 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Stephen Smalley wrote:
> On Tue, 2007-11-20 at 13:50 -0700, Forrest Taylor wrote:
>> I am using RHEL5.1 selinux-policy-targeted-2.4.6-104.el5. restorecond
>> is not properly expanding the ~ or other wildcards
>> in /etc/selinux/restorecond.conf. By default, restorecond.conf
>> includes:
>> ~/public_html
>>
>> However, if I create that directory as a normal user, it gets the
>> standard context (user_home_t). If I explicitly put the full path
>> (e.g., /home/student/public_html), it works as expected.
>>
>> Does (or will) restorecond support wildcards/regex?
>
> Wildcards/regex, no. Tilde should be expanded to user home directories
> for users presently logged in to the system (based on utmp).
>
> Try running it with -d -v.
>
I haven't checked for a while. But yes it is supposed to check ~/FILE
It does this by watching the utmp file, for users logging in and then
adds the homedir to its list of directories to watch.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFHQ1fdrlYvE4MpobMRAjm8AJ9ErZlpxIAqW67Ku8Bl7vQhSVApGgCgxjH2
tfuLTFhi9zoISehWc4XcvU8=
=OZba
-----END PGP SIGNATURE-----
More information about the fedora-selinux-list
mailing list