Ben's notes

Linux, Unix, network, radio...

User Tools

Site Tools


selinux_list_contexts

CentOS 7 - List SELinux contexts

  • First, install setools:
    yum install setools
  • List all types:
    seinfo -t
  • List all users:
    seinfo -u
  • List all roles:
    seinfo -r
  • List all booleans:
    seinfo -r
  • Help:
    seinfo --help

Example

You want to add a CIFS share and set the correct SELinux context on the shared directory and below.

  • Find the samba type:
    seinfo -t |grep samba
       samba_secrets_t
       samba_spool_t
       samba_unconfined_script_exec_t
       samba_net_t
       samba_var_t
       samba_net_exec_t
       samba_net_tmp_t
       samba_unconfined_net_t
       samba_unconfined_script_t
       samba_unit_file_t
       sambagui_exec_t
       samba_share_t
       samba_initrc_exec_t
       sambagui_t
       samba_etc_t
       samba_log_t
  • We probably need samba_share_t.
  • Check already configured contexts:
    semanage fcontext -l
  • Set the context, if you don't know how, check semanage fcontext --help and read the semanage-fcontext manpage (with examples).
    semanage fcontext -a -t samba_share_t "/opt/smbdata(/.*)?"
selinux_list_contexts.txt · Last modified: 2021/10/09 15:14 by 127.0.0.1