On 26/11/2017 17:44, Thomas Mueller wrote:
Did you use the equivalence option of semanage fcontext for
/mnt/volume/var/log?
semanage fcontext -a -e /home /mnt/volume/var/log
see also: https://danwalsh.livejournal.com/27571.html
- Thomas
Hi Thomas,
this surely is a very good idea. Right now I am doing a limited use of
the equivalence policy; thank you for the reminder.
However, some selinux policies (for example, the MariaDB/MySQL one) will
*not* permit to read/follow symlinks, and this blocks the process from
running correctly.
With your proposal, I need to a) establish equivalence between
/var/lib/mysql and /mnt/volume/var/lib/mysql and b) reconfigure MariaDB
to point at /mnt/volume/var/lib/mysql.
When moving "busy" directories as /var/lib and /var/log, I would avoid
the need to reconfigure each service using them to point to the new
subdirectory.
Thanks.
--
Danti Gionatan
Supporto Tecnico
Assyoma S.r.l. - www.assyoma.it
email: g.danti@xxxxxxxxxx - info@xxxxxxxxxx
GPG public key ID: FF5F32A8
_______________________________________________
selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx
