selinux versus chcon
Daniel J Walsh
dwalsh at redhat.com
Tue Sep 20 15:05:26 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
On 09/19/2011 04:01 PM, Fulko Hew wrote:
> On Mon, Sep 19, 2011 at 3:32 PM, Eric Paris <eparis at redhat.com>
>> On Mon, 2011-09-19 at 14:49 -0400, Fulko Hew wrote:
>>> If so... why use chcon versus the semanage/restorecon
>>> technique? or if my assesement is wrong... can someone point me
>>> to a better explanation/tutorial?
> ... snip ...
>> So semanage+restorecon == will last, chcon == will likely get
>> blown away and make you angry later.
> Thanks for confirming that for me.
> Now my next issue is 'apparently' unknown contexts.
> My original RPM spec file added the 'httpd_sys_rw_content_t'
> context to a directory. Which was great for the versions of Fedora
> I was testing on, but now in RHEL 5.6 semanage complains with:
> "type 'httpd_sys_rw_content_t' not defined."
> So it seems that my %post section of my RPM file has to either
> 'know' what distribution or version of selinux support is installed
> so I can avoid attempting to use types that are not defined, or
> having some way of finding out what 'types' are available 'in this
> OS' so that I issue the 'appropriate commands'.
> How can I find out what 'types' are available'?
Another option would be just to request this labeling in the base
package. Open a bugzilla.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the Rpm-list