What is the proper way to use an alternate public_html path?

Paul Howarth paul at city-fan.org
Mon Dec 15 10:06:40 UTC 2008


Matej Cepl wrote:
> On 2008-12-14, 16:09 GMT, Paul Howarth wrote:
>>> i would like to use ~/Public insted of ~/public_html.
>>>
>>> What is the proper way to do this such that restorecon respects the
>>> change?
>> I do it by creating a local policy module (localmisc) and put this (I
>> use ~/WWW for this purpose) in localmisc.fc:
>>
>> HOME_DIR/WWW(/.*)? gen_context(system_u:object_r:public_content_rw_t,s0)
> 
> I think you could be all right just with semanage
> 
> semanage fcontext -a \
>     -t httpd_user_content_t \
>     '/home/.*/Public(/.*)?'
> 
> should be enough. Of course, you have to fiddle with the regexp 
> to suit your configuration.

I used to use semanage for this but I find that using a local policy 
module (I invariably need the odd rule or two to allow for local 
configuration strangeness) makes it easier to see what policy 
customizations I've made and to change them if necessary - manageability 
is better this way I think. Using HOME_DIR should also cater for those 
people that have home directories somewhere other than straight under /home.

Paul.




More information about the fedora-selinux-list mailing list