Hello,
I'm creating a package for bitcoin, and I must have messed up the file
contexts, because the directory /var/lib/bitcoin is always labeled as
'user_home_dir_t'.
Previously, I had a regular user 'bitcoin' with a homedir in
/home/bitcoin, but I removed it and its homedir some days ago. Now it's
a system user:
# grep bitcoin /etc/passwd
bitcoin:x:988:983:Bitcoin wallet server:/var/lib/bitcoin:/sbin/nologin
# grep bitcoin /etc/group
bitcoin:x:983:
bitcoin.fc:
/var/lib/bitcoin(/.*)?
gen_context(system_u:object_r:bitcoin_var_lib_t,s0)
# ls -laZ /var/lib/bitcoin/
drwxr-x---. bitcoin bitcoin user_u:object_r:user_home_dir_t:s0 .
drwxr-xr-x. root root system_u:object_r:var_lib_t:s0 ..
# chcon -u system_u -t object_r -t bitcoin_var_lib_t /var/lib/bitcoin/
# restorecon -F -r -v /var/lib/bitcoin
restorecon reset /var/lib/bitcoin context
system_u:object_r:bitcoin_var_lib_t:s0->user_u:object_r:user_home_dir_t:s0
# semanage fcontext -l | grep bitcoin
/etc/bitcoin(/.*)? all files
system_u:object_r:bitcoin_conf_t:s0
/usr/bin/bitcoind regular file
system_u:object_r:bitcoin_exec_t:s0
/var/lib/bitcoin(/.*)? all files
system_u:object_r:bitcoin_var_lib_t:s0
How are the homedirs contexts managed? I can't figure a way to get it
labeled correctly. Any hint?
Thank you.
--
Juan Orti
GPG Key: DEEBD08B - https://www.miceliux.com/~juan/pubkey.asc
Blog: https://apuntesderoot.wordpress.com/
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
