I received a SELinux alert today which said:
SELinux is preventing /usr/local/bin/snort from search access on the
directory logs.
One of the options was to do:
semanage fcontext -a -t FILE_TYPE 'logs'
(lots of FILE_TYPEs)
followed by
restorecon -v 'logs'
So here is what happens:
ll -Zd logs
drwxr-xr-x. root root unconfined_u:object_r:file_t:s0 logs
sudo semanage fcontext -a -t var_log_t 'logs'
sudo restorecon -v 'logs'
restorecon: Warning no default label for /media/NSM/NSM-SENSOR-2/logs
ll -Zd logs
drwxr-xr-x. root root unconfined_u:object_r:file_t:s0 logs
Nothing has changed.
So what do I need to do to set the file context correctly?
Paolo
Show replies by date