Add note about sefcontext doing no restorecon (#39076)
* Add note about sefcontext doing no restorecon To someone like me who is relatively new to SELinux, setting the "reload" option to yes might suggest that a restorecon is automatically executed after the semanage call, making the new file context effective immediately. I have found out that this is not the case and would like to clarify this to others. +label: docsite_pr * Replace note by one suggested by reviewer Reviewer dagwieers suggested a better notice text during review of my original one, giving recommendations about what to do to actually get the newly chosen SELinux context applied to the file.pull/4420/head
Zeust the Unoobian
Dag Wieers
parent
fdcf8c7f74
commit
db88cb8d8f
|
|
@ -53,6 +53,10 @@ options:
|
||||||
default: 'yes'
|
default: 'yes'
|
||||||
notes:
|
notes:
|
||||||
- The changes are persistent across reboots
|
- The changes are persistent across reboots
|
||||||
|
- The M(sefcontext) module does not modify existing files to the new
|
||||||
|
SELinux context(s), so it is advisable to first create the SELinux
|
||||||
|
file contexts before creating files, or run C(restorecon) manually
|
||||||
|
for the existing files that require the new SELinux file contexts.
|
||||||
requirements:
|
requirements:
|
||||||
- libselinux-python
|
- libselinux-python
|
||||||
- policycoreutils-python
|
- policycoreutils-python
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue