Re: SElinux concerning symlink?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2008-07-24 at 21:36 +0000, Mike wrote:
> Craig White <craigwhite <at> azapple.com> writes:
> 
> > $ ls -lZ /home/craig/.ssh
> > -rw-------  craig craig user_u:object_r:user_home_t
> > client.id_dsa.key
> > -rw-------  craig craig user_u:object_r:user_home_t      id_dsa
> > -rw-rw-r--  craig craig unconfined_u:object_r:user_home_t
> > id_dsa.keystore
> > -rw-r--r--  craig craig unconfined_u:object_r:user_home_t id_dsa.pub
> > -rw-------  craig craig unconfined_u:object_r:user_home_t id_rsa
> > -rw-rw-r--  craig craig unconfined_u:object_r:user_home_t
> > id_rsa.keystore
> > -rw-r--r--  craig craig unconfined_u:object_r:user_home_t id_rsa.pub
> > -rw-------  craig craig user_u:object_r:user_home_t      known_hosts
> > 
> > but the issue of policy is that these are not the settings these files
> > would get if they were located in /opt.
> 
> Craig
> 
> I just changed the contexts to type user_home_t for the files in .ssh
> and this fixed the issue!
> 
> Your last listing of the contexts was the crucial one - 
> This is excellent and thanks again for your help - I'll sleep easier
> tonight!
----
No - you really need a better solution because if anything/anyone
relabels, the current policy will trash those settings.

Personally, I think you should probably mount what is /opt as /home and
that would fix most issues.

Craig

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux