dongwa3808 2018-02-04 13:38
浏览 111

如何使用semanage以递归方式获取持久的特定文件类型

I'm currently running Centos 7 and configuring SELinux enabled, currently I configure my apache docroot under the /home/user/public_html and files/folders show the context label:

-rw-r--r--. user apache system_u:object_r:httpd_user_content_t:s0 readme.html
-rw-r--r--. user apache system_u:object_r:httpd_user_content_t:s0 wp-activate.php
drwxrwxr-x. user apache system_u:object_r:httpd_user_content_t:s0 wp-admin
-rw-r--r--. user apache system_u:object_r:httpd_user_content_t:s0 wp-blog-header.php
-rw-r--r--. user apache system_u:object_r:httpd_user_content_t:s0 wp-comments-post.php
-rw-r--r--. user apache system_u:object_r:httpd_user_content_t:s0 wp-config-sample.php
drwxrwxr-x. user apache system_u:object_r:httpd_user_content_t:s0 wp-content
-rw-r--r--. user apache system_u:object_r:httpd_user_content_t:s0 wp-cron.php
drwxrwxr-x. user apache system_u:object_r:httpd_user_content_t:s0 wp-includes
-rw-r--r--. user apache system_u:object_r:httpd_user_content_t:s0 wp-links-opml.php
-rw-r--r--. user apache system_u:object_r:httpd_user_content_t:s0 wp-load.php
-rw-r--r--. user apache system_u:object_r:httpd_user_content_t:s0 wp-login.php
-rw-r--r--. user apache system_u:object_r:httpd_user_content_t:s0 wp-mail.php
-rw-r--r--. user apache system_u:object_r:httpd_user_content_t:s0 wp-settings.php
-rw-r--r--. user apache system_u:object_r:httpd_user_content_t:s0 wp-signup.php
-rw-r--r--. user apache system_u:object_r:httpd_user_content_t:s0 wp-trackback.php
-rw-r--r--. user apache system_u:object_r:httpd_user_content_t:s0 xmlrpc.php

I want to assign and change current context label httpd_user_content_t to httpd_user_script_exec_t recursively and apply only for all .php file types under public_html/. I already tried below code but the context still not changed:

# sudo semanage fcontext -a -t httpd_user_script_exec_t "/home/user/public_html/.*\.php"
# sudo restorecon -Rv public_html
# ls -Z
    -rw-r--r--. user apache system_u:object_r:httpd_user_content_t:s0 readme.html
    -rw-r--r--. user apache system_u:object_r:httpd_user_content_t:s0 wp-activate.php
    drwxrwxr-x. user apache system_u:object_r:httpd_user_content_t:s0 wp-admin
    -rw-r--r--. user apache system_u:object_r:httpd_user_content_t:s0 wp-blog-header.php
  • 写回答

1条回答 默认 最新

  • douqianrou9079 2018-08-28 12:27
    关注

    I think you are missing the brackets to tell SELinux that you want to use a regular expression. Try it like that:

    sudo semanage fcontext -a -t httpd_user_script_exec_t "/home/user/public_html/(.*\.php)"
    评论

报告相同问题?

悬赏问题

  • ¥15 下图接收小电路,谁知道原理
  • ¥15 装 pytorch 的时候出了好多问题,遇到这种情况怎么处理?
  • ¥20 IOS游览器某宝手机网页版自动立即购买JavaScript脚本
  • ¥15 手机接入宽带网线,如何释放宽带全部速度
  • ¥30 关于#r语言#的问题:如何对R语言中mfgarch包中构建的garch-midas模型进行样本内长期波动率预测和样本外长期波动率预测
  • ¥15 ETLCloud 处理json多层级问题
  • ¥15 matlab中使用gurobi时报错
  • ¥15 这个主板怎么能扩出一两个sata口
  • ¥15 不是,这到底错哪儿了😭
  • ¥15 2020长安杯与连接网探