linux_wiki:restore_default_file_contexts

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision 		Previous revision
linux_wiki:restore_default_file_contexts [2016/02/29 22:18]
billdozor created 		linux_wiki:restore_default_file_contexts [2019/05/25 23:50] (current)
Line 3: Line 3:
 **General Information** **General Information**
  
-About this page/how-to/script+Contexts are defined in a policy and then restored from policy to files
  
 ---- ----
 +
 +===== Restoring Labels =====
  
 Restore file's default selinux context Restore file's default selinux context
Line 18: Line 20:
 </code> </code>
   * This restores security context for all directories and files system wide on boot   * This restores security context for all directories and files system wide on boot
 +
 +----
 +
 +===== Create Context Labels for New Directories =====
 +
 +**Method 1**: Find a usable context type and create it.
 +
 +\\
 +Create a new context rule for a directory "/website"
 +<code bash>
 +semanage fcontext -a -t httpd_sys_content_t '/website(/.*)?'
 +</code>
 +  * The regular expression "(/.*)?" will include any sub-directories/files if they exist
 +
 +\\
 +**Method 2**: Copy the context type from an existing directory
 +
 +\\
 +Copy the source directory context to the target directory (make equal)
 +<code bash>
 +semanage fcontext -a -e /var/www/html /website
 +restorecon -rv /website
 +</code>
 +
 +\\
 +**Once context label rules are defined, they need to be restored to the directory**
 +
 +\\
 +Restore Defined Context Rule
 +<code bash>
 +restorecon -rv /website
 +</code>
 +
 +\\
 +Delete Defined Context Rule (if you made a mistake creating it)
 +<code bash>
 +semanage fcontext -d "/website(/.*)?"
 +</code>
  
 ---- ----
  
  • linux_wiki/restore_default_file_contexts.1456802284.txt.gz
  • Last modified: 2019/05/25 23:50
  • (external edit)