Difference between revisions of "Guide/Contexts"
From SELinux Wiki
(New page: === Contexts === ==== Displaying Contexts ==== Display the context of... ... your shell: <pre> $ id -Z unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c255 </pre> ... a file: <pre> $...) |
(No difference)
|
Revision as of 14:05, 26 June 2009
Contexts
Displaying Contexts
Display the context of...
... your shell:
$ id -Z unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c255
... a file:
$ ls -Z /bin/bash system_u:object_r:shell_exec_t:s0 /bin/bash
... a process:
$ ps -Z LABEL PID TTY TIME CMD unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c255 23912 pts/3 00:00:00 bash unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c255 25101 pts/3 00:00:00 ps
Changing Contexts
Change the context of...
... a file:
$ touch /tmp/myfile $ ls -Z /tmp/myfile unconfined_u:object_r:user_tmp_t:s0 /tmp/myfile $ chcon -t user_home_t /tmp/myfile $ ls -Z /tmp/myfile unconfined_u:object_r:user_home_t:s0 /tmp/myfile
... your shell:
$ id -Z unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c255 $ newrole -r system_r -t unconfined_t Password: $ id -Z unconfined_u:system_r:unconfined_t:s0-s0:c0.c255
... a program when started (temporary):
$ runcon system_u:system_r:crond_t:s0:c0.c255 /bin/bash $ id -Z system_u:system_r:crond_t:s0:c0.c255