[CentOS] selinux-policy update resets /etc/selinux/targeted/contexts/files/file_contexts?
Patrick Bervoets
patrick.bervoets at psc-elsene.be
Wed Dec 17 15:04:15 UTC 2014
Op 17-12-14 om 15:12 schreef Daniel J Walsh:
> On 12/17/2014 05:07 AM, Patrick Bervoets wrote:
>> Hi,
>>
>> On an internal webserver (latest C6) I want smb-access to /var/www/html/
>> In april I did
>> chcon -R -t public_content_rw_t /var/www/html/
>> setsebool -P allow_smbd_anon_write 1
>> setsebool -P allow_httpd_anon_write 1
>> echo "/var/www/html/ --
>> unconfined_u:object_r:public_content_rw_t:s0" >>
>> /etc/selinux/targeted/contexts/files/file_contexts
>>
> This is incorrect.
>
> # semanage fcontext -a -t public_content_rw_t '/var/www/html(/.*?)'
> # restorecon -R -v /var/www/html
>
> Should change the label and it should survive relabel.
>
> After the latest round of updates (including selinux-policy.noarch
> 0:3.7.19-260.el6_6.1 and selinux-policy-targeted.noarch
> 0:3.7.19-260.el6_6.1) samba-access to /var/www/html was denied.
>
Thanks, I know I shouldn't just follow serverfault instructions without complete understanding.
One day I'll have to learn to master selinux. (and rtfm)
Patrick
More information about the CentOS
mailing list