On Tue, 2014-07-01 at 14:17 +0530, dE wrote: > The default security context of a object also depends on it's class. > > I was looking at > etc/selinux/<SELINUXTYPE>/contexts/files/file_contexts*, but I couldn't > see any definition of a class. > > Also semanage fcontext doesn't have an option define a class. Entries > are based only on files and directories. semanage support -f only file object classes apply to file object context specifications obviously. file: -- dir: -d symbolic link: -l named pipe: -p sock file: -s semanage fcontext -a ... -f -d "/test/mydir" semanage fcontext -a ...-f -s "/test/mysocket" semanage fcontext -a ... -f -- "/test/myfile" ... etc ... if the file object context spec applies to any file object then you need not specify the class: semanage fcontext -a ... "/test/anyfileobjects(/.*)?" So in file_contexts look for -- -d -s -l -p, if none of those are specified then the spec applies to any file object class > > If you get red text in this email please notify. > _______________________________________________ > Selinux mailing list > Selinux@xxxxxxxxxxxxx > To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. > To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx. _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
