Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
linux_wiki:restore_default_file_contexts [2016/02/29 22:18] billdozor created |
linux_wiki:restore_default_file_contexts [2019/05/25 23:50] (current) |
||
---|---|---|---|
Line 3: | Line 3: | ||
**General Information** | **General Information** | ||
- | About this page/how-to/script. | + | Contexts are defined in a policy and then restored from policy |
---- | ---- | ||
+ | |||
+ | ===== Restoring Labels ===== | ||
Restore file's default selinux context | Restore file's default selinux context | ||
Line 18: | Line 20: | ||
</ | </ | ||
* This restores security context for all directories and files system wide on boot | * This restores security context for all directories and files system wide on boot | ||
+ | |||
+ | ---- | ||
+ | |||
+ | ===== Create Context Labels for New Directories ===== | ||
+ | |||
+ | **Method 1**: Find a usable context type and create it. | ||
+ | |||
+ | \\ | ||
+ | Create a new context rule for a directory "/ | ||
+ | <code bash> | ||
+ | semanage fcontext -a -t httpd_sys_content_t '/ | ||
+ | </ | ||
+ | * The regular expression " | ||
+ | |||
+ | \\ | ||
+ | **Method 2**: Copy the context type from an existing directory | ||
+ | |||
+ | \\ | ||
+ | Copy the source directory context to the target directory (make equal) | ||
+ | <code bash> | ||
+ | semanage fcontext -a -e / | ||
+ | restorecon -rv /website | ||
+ | </ | ||
+ | |||
+ | \\ | ||
+ | **Once context label rules are defined, they need to be restored to the directory** | ||
+ | |||
+ | \\ | ||
+ | Restore Defined Context Rule | ||
+ | <code bash> | ||
+ | restorecon -rv /website | ||
+ | </ | ||
+ | |||
+ | \\ | ||
+ | Delete Defined Context Rule (if you made a mistake creating it) | ||
+ | <code bash> | ||
+ | semanage fcontext -d "/ | ||
+ | </ | ||
---- | ---- | ||