Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

restorecon does not effect User component of the SELinux context unless you specify the -f flag.

semanage fcontext -m -t TYPE file

is the proper command, it is really used to set the file type not the file SELinux user. I am surprised the semanage command you specified even works. I would bet the -s command is ignored.

BTW SELinux user component on file is totally ignored by SELinux as far as enforcement of rules. The Type field is the important field.

On Fedora 18 this would give you an error. semanage fcontext -a -s system_u /dan /sbin/semanage: SELinux Type is required

restorecon does not effect User component of the SELinux context unless you specify the -f flag.

semanage fcontext -m -t TYPE file

is the proper command, it is really used to set the file type not the file SELinux user. I am surprised the semanage command you specified even works. I would bet the -s command is ignored.

BTW SELinux user component on file is totally ignored by SELinux as far as enforcement of rules. The Type field is the important field.

On Fedora 18 this would give you an error. error.

semanage fcontext -a -s system_u /dan /dan

/sbin/semanage: SELinux Type is required