On 07/16/2018 04:23 PM, Max Pyziur wrote: > On Mon, 16 Jul 2018, Kevin Fenzi wrote: > >> On 07/16/2018 12:05 PM, Max Pyziur wrote: >>> >>> Greetings, >>> >>> Twenty minutes of googling and still no answers. >>> >>> When I do a directory listing using 'ls -l' >>> >>> and I see >>> >>> -rw-rw-r-- >>> -rw-r--r--. >>> >>> >>> What's the final period indicate. >>> >>> I realize that this is a newbie question, but I'm stumped at finding an >>> answer. >> >> From 'info ls' (yeah, I know, info pages are horrible...): >> >> " >> Following the file mode bits is a single character that specifies >> >> whether an alternate access method such as an access control list >> >> applies to the file. When the character following the file mode >> bits is a space, there is no alternate access method. When it is a >> >> printing character, then there is such a method. >> >> GNU ‘ls’ uses a ‘.’ character to indicate a file with a security >> >> context, but no other alternate access method. >> >> A file with any other combination of alternate access methods is >> >> marked with a ‘+’ character. >> " >> >> So, it indicates the file has a selinux context on it. (See which one >> with ls -Z) > > Much thanks for the reply; this was very helpful. > > If I recall on the machines that I did a fresh install of Fedora, the > first boot defaulted to selinux being on. I think that in every case > I've disabled it. Yes, Fedora defaults to SELinux in targeted, enforcing mode. > Given that the prevalence of this attribute is on files and directories > from those periods when the first Fedora installation, that reinforces > the point. SELinux is a good thing to have and you really should learn to make use of it. Most of the policies that come with the system are pretty good, but there are restrictions on things such as document roots for web servers (they have to be in the "appropriate" spots according to the policy). SELinux has caused us some grief with legacy systems and poorly written applications (I usually get hit with Perl-based stuff), but for the most part it's certainly usable. And for the occasions where you just can't get around it, you can write local policies to accommodate such weirdnesses. ---------------------------------------------------------------------- - Rick Stevens, Systems Engineer, AllDigital ricks@xxxxxxxxxxxxxx - - AIM/Skype: therps2 ICQ: 226437340 Yahoo: origrps2 - - - - BASIC is the Computer Science version of `Scientific Creationism' - ---------------------------------------------------------------------- _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx/message/I4UPXWVOFWZF3N6YZ5BHGDELR7ZTMPAP/
