[root@servera home]# ls -dZ student/ unconfined_u:object_r:user_home_dir_t:s0 student/
user_home_dir_t的部分就是/home/student的selinux的上下文。
查看root目录的selinux
1 2
[root@servera /]# ls -Zd /root/ system_u:object_r:admin_home_t:s0 /root/
admin_home_t的部分就是/root的selinux的上下文。
修改命令
1
[root@servera /]# semanage fcontext -a -t admin_home_t '/home/student(/.*)?'
'/home/student(/.*)?'部分后面的(/.*)?是固定的。
使配置生效
1 2 3 4 5 6 7 8 9
[root@servera /]# restorecon -RFvv /home/student/ Relabeled /home/student from unconfined_u:object_r:user_home_dir_t:s0 to system_u:object_r:admin_home_t:s0 Relabeled /home/student/.bash_logout from unconfined_u:object_r:user_home_t:s0 to system_u:object_r:admin_home_t:s0 Relabeled /home/student/.bash_profile from unconfined_u:object_r:user_home_t:s0 to system_u:object_r:admin_home_t:s0 Relabeled /home/student/.bashrc from unconfined_u:object_r:user_home_t:s0 to system_u:object_r:admin_home_t:s0 Relabeled /home/student/.ssh from unconfined_u:object_r:ssh_home_t:s0 to system_u:object_r:admin_home_t:s0 Relabeled /home/student/.ssh/known_hosts from unconfined_u:object_r:ssh_home_t:s0 to system_u:object_r:admin_home_t:s0 Relabeled /home/student/.ssh/authorized_keys from unconfined_u:object_r:ssh_home_t:s0 to system_u:object_r:admin_home_t:s0 Relabeled /home/student/.bash_history from unconfined_u:object_r:user_home_t:s0 to system_u:object_r:admin_home_t:s0
再次查看student目录的selinux
1 2
[root@servera /]# ls -dZ /home/student/ system_u:object_r:admin_home_t:s0 /home/student/