Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Restore Default File Contexts ====== **General Information** Contexts are defined in a policy and then restored from policy to files. ---- ===== Restoring Labels ===== Restore file's default selinux context <code bash> restorecon file.txt </code> \\ Relabel everything on the filesystem on next boot <code bash> touch /.autorelabel </code> * This restores security context for all directories and files system wide on boot ---- ===== Create Context Labels for New Directories ===== **Method 1**: Find a usable context type and create it. \\ Create a new context rule for a directory "/website" <code bash> semanage fcontext -a -t httpd_sys_content_t '/website(/.*)?' </code> * The regular expression "(/.*)?" will include any sub-directories/files if they exist \\ **Method 2**: Copy the context type from an existing directory \\ Copy the source directory context to the target directory (make equal) <code bash> semanage fcontext -a -e /var/www/html /website restorecon -rv /website </code> \\ **Once context label rules are defined, they need to be restored to the directory** \\ Restore Defined Context Rule <code bash> restorecon -rv /website </code> \\ Delete Defined Context Rule (if you made a mistake creating it) <code bash> semanage fcontext -d "/website(/.*)?" </code> ---- linux_wiki/restore_default_file_contexts.txt Last modified: 2019/05/25 23:50(external edit)