restorecon is used to manually relabel a filesystem with defaults eg etc for etc dir or httpd_sys_content for /var/www/html dir. you need to check the values for defaults from semanage fcontext listing percy > Date: Tue, 6 Apr 2010 13:53:50 +0800 > Subject: SELinux restorecon does not work > From: james@xxxxxxxxxxxxxxxx > To: redhat-list@xxxxxxxxxx > > Hi All, > > I have this following issue in SELinux. I did what instruction say but the > security context has still never change. I hope anyone could help me out of > this. Thank you. > > ------------------------------------------------------- > # sealert -b > ........................................ > Summary: > SELinux is preventing postmaster (postgresql_t) "setattr" to ./db (etc_t). > > Allowing Access: > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for ./db, > > restorecon -v './db' > > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this access > - see FAQ Or you can disable SELinux protection altogether. Disabling > SELinux protection is not recommended. Please file a bug report against this > package. > ........................................ > > # ls -ldZ /etc/<apps>/db > drwx------ postgres postgres user_u:object_r:etc_t db > > # restorecon -v /etc/<apps>/db > # ls -ldZ /etc/<apps>/db > drwx------ postgres postgres user_u:object_r:etc_t db > ------------------------------------------------------- > > Regards, > James > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list _________________________________________________________________ Bollywood This Decade http://entertainment.in.msn.com/bollywoodthisdecade/ -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
