Red Hat ENTERPRISE LINUX 4 - SELINUX GUIDE Manual page 73
Selinux guide
Hide thumbs
Also See for ENTERPRISE LINUX 4 - SELINUX GUIDE:
- Manual (410 pages) ,
- System administration manual (400 pages) ,
- Administration manual (200 pages)
Table of Contents
Advertisement
Chapter 5. Controlling and Maintaining SELinux
Tip
If the file has no label, such as a file created while SELinux was disabled in the kernel, you need to
give it a full label with
about applying a partial context to an unlabeled file.
Use
when you want to restore files to the policy default. There are two other methods to
restorecon
do this that work on the entire file system,
you to be the root user. Cautions against both of these methods appear in Section 5.2.2 Relabel a File
System.
This example shows restoring the default user home directory context to a set of files that have differ-
ent types:
# These two sets of files have different types, and are
# being moved into a directory for archiving.
# are different from each other, and incorrect for a standard
# user's home directory:
ls -Z /tmp/{1,2,3}
-rw-rw-r--
auser
-rw-rw-r--
auser
-rw-rw-r--
auser
mv /tmp/{1,2,3} archives/
mv public_html/* archives/
ls -Z archives/
-rw-rw-r--
auser
-rw-rw-r--
auser
1.html
-rw-rw-r--
auser
-rw-rw-r--
auser
2.html
-rw-rw-r--
auser
-rw-rw-r--
auser
3.html
-rw-rw-r--
auser
4.html
-rw-rw-r--
auser
5.html
-rw-rw-r--
auser
index.html
# The directory archives/ is already the default type
# because it was created in the user's ~/ directory:
ls -Zd archives/
drwxrwxr-x
auser
# Relabeling with restorecon uses the default file contexts set
# by the policy, so these files are labeled with the default
# label for the directory they are in.
/sbin/restorecon -R archives/
ls -Z archives/
-rw-rw-r--
auser
-rw-rw-r--
auser
-rw-rw-r--
auser
-rw-rw-r--
auser
-rw-rw-r--
auser
-rw-rw-r--
auser
chcon system_u:object_r:shlib_t foo.so
fixfiles
auser
user_u:object_r:tmp_t
auser
user_u:object_r:tmp_t
auser
user_u:object_r:tmp_t
auser
user_u:object_r:tmp_t
auser
user_u:object_r:httpd_user_content_t \
auser
user_u:object_r:tmp_t
auser
user_u:object_r:httpd_user_content_t \
auser
user_u:object_r:tmp_t
auser
user_u:object_r:httpd_user_content_t \
auser
user_u:object_r:httpd_user_content_t \
auser
user_u:object_r:httpd_user_content_t \
auser
user_u:object_r:httpd_user_content_t \
auser
user_u:object_r:user_home_t
auser
system_u:object_r:user_home_t
auser
system_u:object_r:user_home_t
auser
system_u:object_r:user_home_t
auser
system_u:object_r:user_home_t
auser
system_u:object_r:user_home_t
auser
system_u:object_r:user_home_t
. If you don't, you get an error
or a policy relabeling operation. These require
Their contexts
archives/
59
/tmp/1
/tmp/2
/tmp/3
1
2
3
1
1.html
2
2.html
3
3.html
Advertisement
Table of Contents
Related Manuals for Red Hat ENTERPRISE LINUX 4 - SELINUX GUIDE
Related Products for Red Hat ENTERPRISE LINUX 4 - SELINUX GUIDE
- Red Hat CLUSTER SUITE FOR ENTERPRISE LINUX 4.5
- Red Hat CLUSTER SUITE FOR ENTERPRISE LINUX 4.6
- Red Hat CLUSTER SUITE FOR ENTERPRISE LINUX 4.7
- Red Hat ENTERPRISE LINUX 4 - DM MULTIPATH
- Red Hat ENTERPRISE LINUX 4 - LVM ADMINISTRATOR
- Red Hat ENTERPRISE LINUX 4 - USING BINUTILS
- Red Hat ENTERPRISE LINUX 4 - STEP BY STEP GUIDE
- Red Hat ENTERPRISE LINUX 4.5.0 -
- Red Hat ENTERPRISE LINUX 3 - SECURITY GUIDE
- Red Hat ENTERPRISE LINUX 3 - USING BINUTILS
- Red Hat ENTERPRISE LINUX 3 - STEP BY STEP GUIDE
- Red Hat ENTERPRISE LINUX 5.1 DM MULTIPATH
- Red Hat LINUX 7.2 - OFFICIAL LINUX CUSTOMIZATION GUIDE
- Red Hat LINUX 7.1 - ISERIES
- Red Hat Enterprise Linux 2.1
- Red Hat CLUSTER FOR ENTERPRISE LINUX 5.0