On Wed, 2009-07-22 at 11:06 -0700, Vadym Chepkov wrote: > Hi, > > Could you explain me, please, the behavior of the restorecon utility. > > I added the following in the local.fc file > > # phpbb > /var/www/phpbb/cache(/.*)? gen_context(system_u:object_r:httpd_sys_script_rw_t,s0) > /var/www/phpbb/files(/.*)? gen_context(system_u:object_r:httpd_sys_script_rw_t,s0) > > compiled and installed policy, seems to be in place. > > # semanage fcontext -l|grep phpbb > /var/www/phpbb/cache(/.*)? all files system_u:object_r:httpd_sys_script_rw_t:s0 > /var/www/phpbb/files(/.*)? all files system_u:object_r:httpd_sys_script_rw_t:s0 > > But when now I run restorecon -vR /var/www/phpbb/ > it doesn't do anything. I would expect it to changed context on two directories and files in them. What was the context before? Was the only difference the 'user' portion? I don't think restorecon bothers to reset the context if the only thing 'wrong' is the user, since the user is not relevant to any security operations.... -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
