[CentOS] SELinux file permissions

Mon Jan 23 22:44:25 UTC 2017
Tim Smith <r.a.n.d.o.m.d.e.v.4+centos at gmail.com>

Thanks for the pointer, will take a look down that route.

Could you confirm the below is expected behaviour on Centos ?

# semanage fcontext -a -t my_postfixauth_private_t
"/var/spool/postfix/private(/.*)?"
ValueError: Type my_postfixauth_private_t is invalid, must be a file
or device type

On 23 January 2017 at 19:06, Lukas Zapletal <lukas at zapletalovi.com> wrote:
> Hello,
>
> restorecon works only for existing files, for new files you are looking for
> file transition rule.
>
> Google that out, there is plenty of articles on that topic, for example:
>
> https://fedoraproject.org/wiki/Features/SELinuxFileNameTransition
>
> LZ
>
> 2017-01-23 19:57 GMT+01:00 Tim Smith <r.a.n.d.o.m.d.e.v.4+centos at gmail.com>:
>
>> Hi,
>>
>> I'm trying to grant dovecot the ability to manage its socket within
>> the postfix spool directory.
>>
>> I have added the below to file_contexts.local :
>>
>> /var/spool/postfix/private/dovecot-auth system_u:system_r:dovecot_t:s0
>>
>>
>> However, running "restorecon -v
>> /var/spool/postfix/private/dovecot-auth" gives me the following error
>> :
>>
>> restorecon:  lstat(/var/spool/postfix/private/dovecot-auth) failed:
>> No such file or directory
>>
>>
>> I cannot create the socket file in advance, because dovecot manages
>> it, and if you "touch" the file, dovecot complains.
>>
>> Where am I going wrong ?
>>
>> Thanks !
>>
>> Tim
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> https://lists.centos.org/mailman/listinfo/centos
>>
>
>
>
> --
> S pozdravem / Best regards
>   Lukas Zapletal
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos