semanage fcontext is not overwriting default policies

Question

I'm trying to make some custom policy on selinux file context, but the default is not changing. Here is my commands:

semanage fcontext -a -t httpd_sys_content_t "/home/(.*)?"
semanage fcontext -a -t httpd_log_t "/home/.*/logs(/.*)?"
semanage fcontext -a -t httpd_tmp_t "/home/.*/tmp(/.*)?"
semanage fcontext -a -t httpd_var_run_t "/home/.*/tmp/session(/.*)?"
semanage fcontext -a -t httpd_cache_t "/home/.*/tmp/opcache(/.*)?"
semanage fcontext -a -t httpd_cache_t "/home/.*/tmp/wsdlcache(/.*)?"

And running that command after

restorecon -Rv /home

But at /home/anyuser I run the command ls -lZ and the output is:

drwxr-xr-x. user group unconfined_u:object_r:httpd_log_t:s0 logs
drwxr-xr-x. user group unconfined_u:object_r:httpd_user_content_t:s0 sub.domain.tld
drwxr-xr-x. user group unconfined_u:object_r:httpd_user_content_t:s0 public_html
drwxr-xr-x. user group unconfined_u:object_r:httpd_user_content_t:s0 tmp

Just the logs and tmp (inside) working, and the other nothing changes. Why? My file_context.local just have that settings, and its a clean CentOS 7.x install.

score 0 · Answer 1 · answered Jul 25 '19 at 12:12

0

The problem was solved, I dont understand why...but I made a fresh install and configure all the system again, and with the same commands the Selinux is working perfect.

answered Jul 25 '19 at 12:12

Tchelo

11
1
3

semanage fcontext is not overwriting default policies

1 Answers1