Difference between chcon and semanage in SE Linux

14.10.2014 15:12

Jakub Walczak

Tags: SE Linux

There is "small" difference between

chcon -t some_file_type_t /some/file

and

semanage fcontext -a -t some_file_type_t /some/file
restorecon -v /some/file

The first one only set contex for specified file, but when file id deleted and created again or restored from backup (ie. tar without --selinux attribute) the changed context is not restored.

To permanently change context to file or some files, even created you have to use semanage:

semanage fcontext -a -t fome_file_type_t "/some/dir(/.*)?"

to change context to directory /some/dir and all files in this directory.

Kommentare

Bitte melden Sie sich Logan oder registrieren Sie sich um kommentieren zu können.

apache ARM AVR backup bash bezpieczeństwo CAD CAM CMS containers cron CSS cyrus database docker DSO203 DVD eAccelerator Eclipse elektronika ELM327 e-mail entertainment EPROM ez Publish firma fun GIMP GnuCash GPS GSM home automation HTML InO iso ISP JTAG KiCAD LaTeX LDAP LEGO Linux mc MRTG multimedia multimetia OpenOffice PAWN PDF plone poczta PostgreSQL programowanie python Redmine ruby SAN SE Linux security server serwer sieć sport SQL stm32 svn tmpwatch trac udev UML USB virtualization windows wine

Just my blog...

Tags

Archiv

Mai 2022

Mon Di Mi Do Fr Sa So
            1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30 31          
eZ Publish™ copyright © 1999-2025 eZ Systems AS