On Sun, 2023-12-10 at 17:07 -0600, Thomas Cameron via users wrote: > The files should inherit either the label of the directory they're > created in, or if a specific context has been set for a filename, it > should get that context. > > Normally, if something's incorrectly labeled, you can just restorecon -v > the file to see what it was changed to. In this example, I created an > index.html in root's home directory and them moved it to /var/www/html.
Actually, that brings up another point, that I don't know if it's still the case. When you write a file to a specific place, the SELinux contexts are set for what's usually expected at that file path. e.g. Write a page.html file in your homespace, and it'll get general context that won't be readable by a webserver. If you copied that file to another place, the copy will be written with the expected contexts for that new place. e.g. If you copied that page.html to your webserver serving path, the copy will get contexts that allow it to be web served. If you moved a file to another place, the original contexts went with the file. e.g. Your page.html in your homespace with general purpose contexts ends up in your webserver serving path still with general purpose contexts that don't allow it to be served. That kind of thing caused problems for people who migrated various kinds of data from one point to another, instead of copying it, or creating it in the right place to start with. -- NB: All unexpected mail to my mailbox is automatically deleted. I will only get to see the messages that are posted to the list. The following system info data is generated fresh for each post: uname -rsvp Linux 6.2.15-100.fc36.x86_64 #1 SMP PREEMPT_DYNAMIC Thu May 11 16:51:53 UTC 2023 x86_64 -- _______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
