I'm using SELinux with CentOS 7 for many years but I have problem with labeling of
home dirs. In my policy and in semanage fcontext --list|grep
'/var/www/hosts/ak-chalupova.cz' I have custom labels of files:
-----------------------------------------------------------------------------------------------------------------------
/var/www/hosts/ak-chalupova.cz(/.*)? all files
system_u:object_r:ak-chalupova_cz_t:s0
/var/www/hosts/ak-chalupova.cz/logs(/.*)? all files
system_u:object_r:ak-chalupova_cz_log_t:s0
/var/www/hosts/ak-chalupova.cz/mail(/.*)? all files
system_u:object_r:ak-chalupova_cz_mail_t:s0
/var/www/hosts/ak-chalupova.cz/ak-chalupova.cz/cgi-bin(/.*)? all files
system_u:object_r:ak-chalupova_cz_cgi_t:s0
/var/www/hosts/ak-chalupova.cz/ak-chalupova.cz/cgi-bin/php.fcgi all files
system_u:object_r:ak-chalupova_cz_cgi_exec_t:s0
-----------------------------------------------------------------------------------------------------------------------
but when I run restorecon -R -v /var/www/hosts/ak-chalupova.cz/ it tries to label all
files as user_home_t:
-----------------------------------------------------------------------------------------------------------------------
restorecon reset /var/www/hosts/ak-chalupova.cz context
unconfined_u:object_r:ak-chalupova_cz_t:s0->unconfined_u:object_r:user_home_dir_t:s0
restorecon reset /var/www/hosts/ak-chalupova.cz/.bash_logout context
unconfined_u:object_r:ak-chalupova_cz_t:s0->unconfined_u:object_r:user_home_t:s0
restorecon reset /var/www/hosts/ak-chalupova.cz/mail context
unconfined_u:object_r:ak-chalupova_cz_mail_t:s0->unconfined_u:object_r:user_home_t:s0
restorecon reset /var/www/hosts/ak-chalupova.cz/.bash_profile context
unconfined_u:object_r:ak-chalupova_cz_t:s0->unconfined_u:object_r:user_home_t:s0
restorecon reset /var/www/hosts/ak-chalupova.cz/logs context
unconfined_u:object_r:ak-chalupova_cz_log_t:s0->unconfined_u:object_r:user_home_t:s0
restorecon reset /var/www/hosts/ak-chalupova.cz/logs/access_log context
system_u:object_r:ak-chalupova_cz_log_t:s0->system_u:object_r:user_home_t:s0
restorecon reset /var/www/hosts/ak-chalupova.cz/logs/error_log context
system_u:object_r:ak-chalupova_cz_log_t:s0->system_u:object_r:user_home_t:s0
restorecon reset /var/www/hosts/ak-chalupova.cz/.bashrc context
unconfined_u:object_r:ak-chalupova_cz_t:s0->unconfined_u:object_r:user_home_t:s0
restorecon reset /var/www/hosts/ak-chalupova.cz/ak-chalupova.cz context
unconfined_u:object_r:ak-chalupova_cz_t:s0->unconfined_u:object_r:user_home_t:s0
restorecon reset /var/www/hosts/ak-chalupova.cz/ak-chalupova.cz/cgi-bin context
unconfined_u:object_r:ak-chalupova_cz_cgi_t:s0->unconfined_u:object_r:user_home_t:s0
restorecon reset /var/www/hosts/ak-chalupova.cz/ak-chalupova.cz/cgi-bin/php.ini context
unconfined_u:object_r:ak-chalupova_cz_cgi_t:s0->unconfined_u:object_r:user_home_t:s0
restorecon reset /var/www/hosts/ak-chalupova.cz/ak-chalupova.cz/cgi-bin/php.fcgi context
unconfined_u:object_r:ak-chalupova_cz_cgi_exec_t:s0->unconfined_u:object_r:user_home_t:s0
restorecon reset /var/www/hosts/ak-chalupova.cz/ak-chalupova.cz/tmp context
unconfined_u:object_r:ak-chalupova_cz_t:s0->unconfined_u:object_r:user_home_t:s0
restorecon reset /var/www/hosts/ak-chalupova.cz/ak-chalupova.cz/www context
unconfined_u:object_r:ak-chalupova_cz_t:s0->unconfined_u:object_r:user_home_t:s0
-----------------------------------------------------------------------------------------------------------------------
Whaty I'm doing wrong?
Thangs in advance.