From: Daniel J Walsh <dwalsh@xxxxxxxxxx>
On 07/12/2013 11:41 AM, m.roth@xxxxxxxxx wrote:
> Something I have not yet found while googling: we have a package (bloody CA
> idiots) that has a directory with *both* executables and libraries. I want
> to change only the .so's to textrel_shlib_t; I do not want to change the
> directory, or the executables. Pardon my ignorance of what I consider to be
> an obscure wildcard usage, but how do do this? I've tried semanage fcontext
> -a -t textrel_shlib_t "/usr/local/opt/smwa/webagent/bin/*.so"
You need to use regular expressions.
# semanage fcontext -a -t textrel_shlib_t
"/usr/local/opt/smwa/webagent/bin/.*\.so"
# restorecon -R -v /usr/local/opt/smwa
Should work.
> with and without parens around the asterisk, and around the last slash and
> the asterisk....
Well... after seeing errors in /var/log/messages concerning my previous
tries, I looked in
/etc/selinux/targeted/contexts/files/file_contexts.local, and saw all of
them entered; I noted it was autogenerated by semanage. I did something
I'm sure is not approved, I just deleted all the previous attempts from
that file. I then ran the command, as you have it, above, and that did
*not* work. One question: *will* it work if smwa is a symlink, not a hard
full path?
mark
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
