[CentOS] SELinux and access across 'similar types'

Ljubomir Ljubojevic office at plnet.rs
Sun Jan 8 13:36:21 UTC 2012


On 01/08/2012 02:10 PM, Marko Vojinovic wrote:
>> [root at g6950-21025 ~]# restorecon -v /tmp/hostname_SKYSLICE.INFO
>> >  [root at g6950-21025 ~]# ls -lZ /tmp/hostname_SKYSLICE.INFO
>> >  -rw-r--r--  apache apache system_u:object_r:file_t
>> >  /tmp/hostname_SKYSLICE.INFO
>> >  [root at g6950-21025 ~]#
> Well...
>
> With this output I would say that your policy has been customized to have
> file_t as the default label for that file. Have you used audit2allow on that
> machine before the filesystem was properly relabeled?

That file is in the /tpm folder, used by apache. I guess that apache was 
not stopped since/during relabeling so it stayed.

My suggestion:

stop apache
run relabeling again (if file continues to exists)
start apache
check

-- 

Ljubomir Ljubojevic
(Love is in the Air)
PL Computers
Serbia, Europe

Google is the Mother, Google is the Father, and traceroute is your
trusty Spiderman...
StarOS, Mikrotik and CentOS/RHEL/Linux consultant



More information about the CentOS mailing list