On Wed, Sep 20, 2017 at 05:54:19PM +0800, Ed Greshko wrote:
On 09/20/17 17:33, Frédéric Bron wrote:
ls -Zd /etc
system_u:object_r:etc_t:s0 /etc/
looks fine?
Yes, perfectly fine...
How the output of this?
restorecon -F -v /etc/passwd
FWIW, looking in /etc/selinux/targeted/contexts/files/file_contexts I see....
/etc/passwd[-+]? -- system_u:object_r:passwd_file_t:s0
But, at the moment I don't know the significance of [-+]? at the end.
I suspect it is an extended RE. The "[-+]" would be a character class that includes "-", "", and "+". the "?" makes it optional. I.e. the name "/etc/passwd" matches with one of the three characters after the "d" or without any character after the "d".
jl