On Tue, 2009-04-21 at 12:31 +0100, Tony Molloy wrote:
> Hi,
>
> If I have a top level non default directory say for argument called /data.
> This directory contains various scripts and text files which should be
> available to everyone. Now when I do an install it gets the default selinux
> context file_t. But this generates lots of AVC's if I set selinux to
> enforcing. What should I label this directory as.
>
> Regards,
>
> Tony
>
Depends on what you want to use it for. For example you can label it
root_t if you want to put in folders that resemble /var or /etc
or /home/user etc.
You can also label /data var_t if that it what you will use it for.
Or you can for example label /data user_home_t if you want to store
user_content there.
It just depends on how you will use /data.
-/data(root_t)---/user_content(user_home_t)
\-/var(var_t)
\-/etc(etc_t)
\-/custom(some_custom_type_t)
\- etcetc
for example: if you want to store web content in /data you would label
it httpd_sys_content_t (just like /var/www is labeled that type)
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
