Ken YANG wrote: > Stephanos Manos wrote: >> Hi >> >> I'm in the proses of building a hole server and i was wondering what is >> the correct way of labeling the lost+found directory of various file >> systems that will be mounted under the /srv. I have labeled /srv as >> public_content_rw_t with >> semanage fcontext -a -t public_content_rw_t '/srv(/.*)?' >> but that results to lost+found being labeled as public_content_rw_t so i >> also run >> semange fcontext -a -f -d -t lost_found_t '/srv/(.*/)lost\+found' >> >> my question is: >> in /etc/selinux/targeted/contexts/files/file_contexts i see two lines >> for /lost+found >> a. /lost\+found/.* <<none>> >> b. /lost\+found -d system_u:object_r:lost_found_t:s0 >> >> the second is created with the above mentioned command >> who do i create the first or i don't needed? > > the first one is about the content in lost+found, and the second is > about the directory lost+found, i think you also find the "-d" item. > > the label rules you create through "semanage fcontext" are in: > > /etc/selinux/targeted/contexts/files/file_contexts.local > Yes i know that. when i issue the above mentioned semange fcontext command i see the following line created in /etc/selinux/targeted/contexts/files/file_contexts.local /srv/(.*/)lost\+found -d system_u:object_r:lost_found_t:s0 but how do i create a line that is /srv/(.*/)lost\+found/.* <<none>> in the file_contexts.local or i don't need it? Stephanos > >> Regards >> >> Stephanos Manos >> >> -- >> fedora-selinux-list mailing list >> fedora-selinux-list@xxxxxxxxxx >> https://www.redhat.com/mailman/listinfo/fedora-selinux-list >> > -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
