tim.largy wrote: > > Because I have limited space in /var and a program that wants to put > gigabytes of data in /var/www, I want to move that directory > (/var/www) elsewhere and simlink to it. What's the proper way to do > this with SELinux enforcing? > > I have a similar need when I move /var/spool/mail to another partition, and the way I do it that leads to success is as follows (translating to your case) all as root: mkdir /path-to-new/www Check contexts on this new directory are the same as for /var/www ll -Zd /var/www drwxr-xr-x root root system_u:object_r:httpd_sys_content_t:s0 /var/www Now copy all the files in the original using rsync (after stopping services that use /var/www) to the new area copying the file contexts at the same time: rsync -aXH /var/www/* /path-to-new/www/ Make sure you use the -X flag as above. Now move the original directory out of the way and make a new directory in its place: # cd /var # mv www www.ORIG # mkdir www Now check the context of the two files by: ls -Z www* Make sure that the new www matches that of the original. Then make a bind mount to mount the new area to the old area by adding a line to /etc/fstab like /path-to-new/www /var/www none bind 0 0 Then # mount /path-to-new/www should bind mount the new area. Then you can start up your services as if they were in the original area. (if necessary you can check that restorecon does keep the files contexts of the bind mounted files in the new area correct and if not you can make new rules using semanage fcontext that will survive a restorecon later) I hope this helps... -- View this message in context: http://www.nabble.com/Moving--var-www-with-SELinux-enforcing-tp21019357p21021072.html Sent from the Fedora List mailing list archive at Nabble.com. -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
