Mike Carney wrote:
Daniel J Walsh wrote:
Mike Carney wrote:
Greetings,
I've got a couple of extra filesystems I use for various reasons which
currently have a default_t context. I mount them under a new directory
"/export", which I've set to mnt_t:
/dev/sda9 on /export/0 type ext3 (rw)
/dev/sdb9 on /export/1 type ext3 (rw)
/dev/sdb10 on /export/2 type ext3 (rw)
203# ls -dZ /export /export/*
drwxr-xr-x root root system_u:object_r:mnt_t /export/
drwxr-xr-x root root system_u:object_r:default_t /export/0/
drwxr-xr-x root root system_u:object_r:default_t /export/1/
drwxr-xr-x root root system_u:object_r:default_t /export/2/
204#
Any guidance as to what context should I set these file system mount
points to? mnt_t? usr_t? How do I specify using semanage that I don't
want the relabel to propogate to subdirectories? (e.g., <<none>>).
Depends on what you want to do with them. You can leave them as
default_t, if you do not want a confined domain
to touch them. If you need some confined domains to touch them you will
need to set context appropriately.
Thanks in advance,
Hi Dan, thanks for the response. Right now I simply want to set the
contexts for the /export and the mount directories within that directory
(/export/{0,1,2}) without having that context propagate to
subdirectories simply to make hald happy. Later, when I've learned more
about SELinux, I'll make other adjustments.
Ok lets fix hal then. What is it complaining about?
So, some guidance as to what context those directories should be
(mnt_t or usr_t) and the proper incantation to get semanage to accept
"<<none>>" as the "no relabel" token.
Thanks!
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
