Re: How to label top level non default dirs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2009-04-21 at 12:31 +0100, Tony Molloy wrote:
> Hi,
> 
> If I have a top level non default directory say for argument called /data. 
> This directory contains various scripts and text files which should be 
> available to everyone. Now when I do an install it gets the default selinux 
> context file_t. But this generates lots of AVC's if I set selinux to 
> enforcing. What should I label this directory as.
> 
> Regards,
> 
> Tony
> 

Depends on what you want to use it for. For example you can label it
root_t if you want to put in folders that resemble /var or /etc
or /home/user etc.

You can also label /data var_t if that it what you will use it for.

Or you can for example label /data user_home_t if you want to store
user_content there.

It just depends on how you will use /data.

-/data(root_t)---/user_content(user_home_t)
               \-/var(var_t)
               \-/etc(etc_t)
               \-/custom(some_custom_type_t)
	       \- etcetc

for example: if you want to store web content in /data you would label
it httpd_sys_content_t (just like /var/www is labeled that type)

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux