Re: Need SELinux help for fail2ban!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 5/4/24 2:58 PM, Richard Shaw wrote:
On Sat, May 4, 2024 at 4:49 PM Carlos Rodriguez-Fernandez <carlosrodrifernandez@xxxxxxxxx <mailto:carlosrodrifernandez@xxxxxxxxx>> wrote: 

    The suggestion for one of the comments of using `/run/fail2ban(/.*)?`
    instead of `/run/fail2ban.*` doesn't work?
I try to be very careful with making changes in SELinux and I don't know what the difference is between those two statements. 

ChatGPT had the following to say:
In SELinux, these two statements represent regular expressions used in file context definitions. Let's break down each one: 

1. `/run/fail2ban(/.*)?`:
   - This regular expression matches paths that start with `/run/fail2ban/` followed by zero or more characters (`.*`) and optionally followed by a forward slash and zero or more characters (`(/.*)?`). Essentially, it matches paths like `/run/fail2ban`, `/run/fail2ban/`, and any subdirectories and files within `/run/fail2ban`. 

2. `/run/fail2ban.*`:
   - This regular expression matches paths that start with `/run/fail2ban` followed by zero or more characters (`.*`). It doesn't specify any specific structure beyond `/run/fail2ban`, so it matches paths like `/run/fail2ban`, `/run/fail2ban.log`, `/run/fail2ban/somefile`, etc. It doesn't specifically include subdirectories like the previous expression.
In summary, the first expression is more specific, including subdirectories under `/run/fail2ban`, while the second expression is more general, matching any path that starts with `/run/fail2ban`. 
---

It doesn't look like it would make a difference for the specific issue...
No one pasted the exact error message, but given that the socket is created but has the wrong label means that this change is correct. You want version 1. 
--
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux