-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10/17/2013 03:18 PM, Dominick Grift wrote: > On Thu, 2013-10-17 at 14:13 -0400, m.roth@xxxxxxxxx wrote: >> Now that the US gov't is back, and so am I.... >> >> I'm trying to fix a server that was rebooted, and obviously a bunch of >> stuff had the wrong context for some reason (I didn't set it up...) >> >> However: semanage fcontext -a -t httpd_sys_script_t >> "/<pathtowebsite>/<website>/cgi-bin/(.*)?" /usr/sbin/semanage: Type >> httpd_sys_script_t is invalid, must be a file or device type >> >> The same when I try semanage fcontext -a -t httpd_sys_script_t >> "/<pathtowebsite>/<website>/cgi-bin/(.*)?.cgi" >> >> There are subdirectories, and other stuff, and I really want to change >> the context only on what I want. However, that error message is utterly >> and completely useless and meaningless. >> >> So: what do I need to do to fix the contexts? >> >> mark >> > > httpd_sys_script_t is a process type, you are not allowed to label files > with process types: > > semanage fcontext -a -t httpd_sys_script_exec_t > "/<pathtowebsite>/<website>/cgi-bin/.*\.cgi" > >> >> -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx >> https://admin.fedoraproject.org/mailman/listinfo/selinux > \ > > -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux > You probably want httpd_sys_script_exec_t. The error message from semanage is actually pretty good. /usr/sbin/semanage: Type httpd_sys_script_t is invalid, must be a file or device type -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlJhIbwACgkQrlYvE4MpobOH/QCg45GTjmG3aUTccfIA6/bCtz4C IdYAn27UeQi/+LtykX/94dk0XQErbEDg =qyiD -----END PGP SIGNATURE----- -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
