Creating Archives That Retain Security Contexts - Red Hat ENTERPRISE LINUX 5 - DEPLOYMENT Deployment Manual
Hide thumbs
Also See for ENTERPRISE LINUX 5 - DEPLOYMENT:
- Manual (402 pages) ,
- Configuration (86 pages) ,
- Overview (68 pages)
Table of Contents
Advertisement
Chapter 45. Working With SELinux
The archives/ directory already has the default type because it was created in the user's home
directory:
ls -Zd archives/
drwxrwxr-x
auser
auser
Using the restorecon command to relabel the files uses the default file contexts set by the policy, so
these files are labeled with the default label for their current directory.
/sbin/restorecon -R archives/
ls -Z archives/
-rw-rw-r--
auser
auser
-rw-rw-r--
auser
auser
-rw-rw-r--
auser
auser
-rw-rw-r--
auser
auser
-rw-rw-r--
auser
auser
-rw-rw-r--
auser
auser
-rw-rw-r--
auser
auser
-rw-rw-r--
auser
auser
-rw-rw-r--
auser
auser
45.1.4. Creating Archives That Retain Security Contexts
You can use either the tar or star utilities to create archives that retain SELinux security contexts.
The following example uses star to demonstrate how to create such an archive. You need to use the
appropriate -xattr and -H=exustar options to ensure that the extra attributes are captured and
that the header for the *.star file is of a type that fully supports xattrs. Refer to the man page for
more information about these and other options.
The following example illustrates the creation and extraction of a set of html files and directories. Note
that the two directories have different labels. Unimportant parts of the file context have been omitted
for printing purposes (indicated by ellipses '...'):
ls -Z public_html/ web_files/
public_html/:
-rw-rw-r--
auser
auser
-rw-rw-r--
auser
auser
-rw-rw-r--
auser
auser
-rw-rw-r--
auser
auser
-rw-rw-r--
auser
auser
-rw-rw-r--
auser
auser
web_files/:
-rw-rw-r--
auser
auser
-rw-rw-r--
auser
auser
-rw-rw-r--
auser
auser
-rw-rw-r--
auser
auser
-rw-rw-r--
auser
auser
-rw-rw-r--
auser
auser
The following command creates the archive, retaining all of the SELinux security contexts:
star -xattr -H=exustar -c -f all_web.star public_html/ web_files/
756
user_u:object_r:user_home_t
system_u:object_r:user_home_t
system_u:object_r:user_home_t
system_u:object_r:user_home_t
system_u:object_r:user_home_t
system_u:object_r:user_home_t
system_u:object_r:user_home_t
system_u:object_r:user_home_t
system_u:object_r:user_home_t
system_u:object_r:user_home_t
...httpd_user_content_t 1.html
...httpd_user_content_t 2.html
...httpd_user_content_t 3.html
...httpd_user_content_t 4.html
...httpd_user_content_t 5.html
...httpd_user_content_t index.html
user_u:object_r:user_home_t
user_u:object_r:user_home_t
user_u:object_r:user_home_t
user_u:object_r:user_home_t
user_u:object_r:user_home_t
user_u:object_r:user_home_t
archives/
file1
file1.html
file2
file2.html
file3
file3.html
file4.html
file5.html
index.html
1.html
2.html
3.html
4.html
5.html
index.html
Advertisement
Table of Contents
