On 04/18/2013 08:01 PM, m.roth@xxxxxxxxx wrote: > David Quigley wrote: >> On 04/18/2013 10:12, m.roth@xxxxxxxxx wrote: >>> David Quigley wrote: > <snip> >>>> Attached is my first crack at the argparse version of semanage. > <snip> >>> Well, if you're screwing with semanage's syntax... can't the bizarre > syntax of wildcards be changed to something *normal*? Y'know, like make > semanage fcontext -a -t httpd_sys_content_t /web\* >>> ? >>> And why doesn't semanage have a was to set -t u? >> >> I'm not sure I understand your last question. Also I'm trying not to > mess with the syntax so we don't obsolete all the documentation out > there. >> > Maybe, but the semanage syntax for wildcards is *utterly* unlike any other > usage - any shell, or perl, or whatever, and I see absolutely no reason to > have it so different. I guarantee it confuses people - I had problems just > a bit ago. > > And the second note - if there's a syntax for semanage that lets me change > user context, I don't see it - the -s doesn't seem to let me do, for > example, -s system_u. > You probably need to use both semanage user ... and semanage login ... to have a user mapped to a specific SELinux context on login, -- Regards, Rejy M Cyriac (rmc) -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
