On Wed, 2009-07-22 at 12:57 -0700, Vadym Chepkov wrote: > You are right, these types are listed in /etc/selinux/targeted/contexts/customizable_types: > > .... > httpd_sys_content_t > httpd_sys_htaccess_t > httpd_sys_script_exec_t > httpd_sys_script_ra_t > httpd_sys_script_ro_t > httpd_sys_script_rw_t > httpd_unconfined_script_exec_t > .... > > May I ask, why do they set this way? Because users may choose to customize the labeling of their web hierarchy and we didn't want restorecon to clobber it. These days that isn't so necessary because users can use semanage fcontext -a to add entries for their customizations, and that is why customizable_types in F11 doesn't include those types. -- Stephen Smalley National Security Agency -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
