[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How can i change high level of a file in the target security context

From: Cai Xianchao
Subject: Re: How can i change high level of a file in the target security context
Date: Mon, 21 Jul 2008 09:44:52 +0800
User-agent: Thunderbird (Windows/20080421)

Jim Meyering said the following on 2008-07-19 22:18:
> Cai Xianchao <address@hidden> wrote:
>> I run as root and used chcon -l to set range of a file, but it failed and
>> there was error message output.
>> I did as follows:
>> #uname -r
>> 2.6.18-92.el5
>> #sestatus
>> SELinux status:                 enabled
>> SELinuxfs mount:                /selinux
>> Current mode:                   enforcing
>> Mode from config file:          enforcing
>> Policy version:                 21
>> Policy from config file:        targeted
>> #chcon -l s0:c1 test
>> #ls -Z
>> -rw-r--r--  root root root:object_r:user_home_t:s0:c1  test
>> #chcon -l s0:c0-s0:c0.c100 test
>> chcon: failed to change context of test to
>> root:object_r:user_home_t:s0:c0-s0:c0.c100: Permission denied
>> How can i change high level of a file when SELINUX is open and the policy
>> is targeted?
> Thanks for the report, but I don't understand what you'd like to do.

I wanted to set the file's SE Linux High Level when SE Linux is open, but it
failed. It's strange that a file's SE Linux Low Level can be set, but High
Level can't.

> What would you like "ls -Z test" to print after you've adjusted the
> context of that file?

I want to see if it is success to set the file's SE Linux Low Level.



Cai Xianchao

A new email address of FJWAN is launched from Apr.1 2007.
The updated address is: address@hidden
Cai Xianchao
Development Dept.I
Nanjing Fujitsu Nanda Software Tech. Co., Ltd.(FNST)
8/F., Civil Defense Building, No.189 Guangzhou Road,
Nanjing, 210029, China
TEL: +86+25-86630566-837
COINS: 79955-837
FAX: +86+25-83317685
This communication is for use by the intended recipient(s) only and may contain 
information that is privileged, confidential and exempt from disclosure under 
applicable law. If you are not an intended recipient of this communication, you 
are hereby notified that any dissemination, distribution or copying hereof is 
strictly prohibited.  If you have received this communication in error, please 
notify me by reply e-mail, permanently delete this communication from your 
system, and destroy any hard copies you may have printed

reply via email to

[Prev in Thread] Current Thread [Next in Thread]