root root system_u:object_r:httpd_config_t:s0 ssl.conf In the following example, we see that both ssl.conf and nf has different SELinux context.
FILESAFE RW FILE SAFE LINK FILE SAFE SETUP FULL
In that case, you can use the security context of another file as a reference, and use that to assign it to your file.īasically, instead of specifying the full SELinux context for the file, you are just using another file’s context for your file. Sometimes you might not know what SELinux context you should be setting for a file. Change Context Using Another File as a Reference But, in many situations, you may find-out that it is just that the file in question is having a wrong security context, which can be changed using chcon command. Note: In the above example, we are giving the full SELinux context of a file (i.e user, role, type and range) in the format of user:role:type:range without breaking it any further.Īnytime you are faced with some SELinux related issues, you may be tempted to just Disable SELinux as we explained earlier. root root system_u:object_r:httpd_config_t:s0 nf We can verify this by using the following ls -lZ command. In the above example, we have changed the security context of nf file to the following, which is the correct one. # chcon system_u:object_r:httpd_config_t:s0 nf So, to change the security context, use the following chcon command. That is a wrong SELinux context for the nf file that is under /etc/httpd/conf directory. In the above example, the security context of the nf file is the following: root root unconfined_u:object_r:admin_home_t:s0 nf To view security context of a file, use -Z (uppercase Z) option in the ls command as shown below.
Change Only the Range (Level) in SELinux Context.
0 kommentar(er)
