Hello everyone, If create a folder called "whatever" under /var, the context is: root:object_r:var_t /var/whatever/ That's expected as it is under /var. If I then change its type: chcont -t httpd_sys_content_t /var/whatever The context looks like: root:object_r:httpd_sys_content_t /var/whatever/ My question is...Shouldn't a relabeling of the filesystem change the type of this directory back to var_t? I just performed a relabel (/.autorelabel) and the directory stayed with httpd_sys_content_t. I thought that the only way this could happen was if I used "semanage fcontext -a ...." so that a new line would be appended in: /etc/selinux//etc/selinux/targeted/contexts/files/file_contexts.local. Not only that, If I perform "matchpathcon /var/whatever" I still get var_t as its default type. Then again, why it kept the httpd_sys_content_t after the relabel? Thansk in advance, Jorge
On Wednesday 09 September 2009 08:08:27 am Jorge F?bregas wrote:> If I perform "matchpathcon ?/var/whatever" I still get var_t as > its default type. Then again, why it kept the httpd_sys_content_t after the > relabel?I did the same test on Fedora 10 (which of course is way newer than Centos) and it behaves different (the way I had in mind): after a relabel thru ./autorelabel, all the files & directories I create under /var return to var_t (if there's no override in file_contexts.local). In CentOS 5.3, If I manually change from var_t to something else, when I relabel the filesystem, the file keeps the type I specified (and not the default it should have based on its location). Please if anyone knows why this happens i'd be glad to know. Thanks, Jorge