Creating an equivalent context with source on a custom path has no effect on the target custom path

Solution Verified - Updated -

Issue

  • Adding an equivalent context from a custom path to another custom path has no effect, as shown in the example below

    Below, we have 2 application root paths /app1 and /app2 for which we want to apply the standard root tree context.

    # semanage fcontext -a -e / /app1
# semanage fcontext -a -e /app1 /app2

    Result:

    # matchpathcon /app1/bin/foo
/app1/bin/foo   system_u:object_r:bin_t:s0 <<<<< THIS IS CORRECT
# matchpathcon /app2/bin/foo
/app2/bin/foo   system_u:object_r:default_t:s0 <<<<< THIS IS NOT CORRECT

  • Adding an equivalent context with a custom home directory as source on another custom home directory as target has no effect, as shown in the example below

    Below we have 2 users in custom locations /app/user1 and /app/user2, the first user gets configured with an equivalence based on standard location and the second user gets configured with an equivalence based on the other custom user.

    # semanage fcontext -a -e /home/user /app/user1
# semanage fcontext -a -e /app/user1 /app/user2

    Result:

    # matchpathcon /app/user1
/app/user1  unconfined_u:object_r:user_home_dir_t:s0 <<<<< THIS IS CORRECT
# matchpathcon /app/user2
/app/user2  system_u:object_r:default_t:s0 <<<<< THIS IS NOT CORRECT

Environment

  • Red Hat Enterprise Linux
    • SELinux

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content