From SELinux Wiki
Jump to: navigation, search

Moving files around the filesystem needs no special instructions. However, if a file is moved and restorecon is run on the file in the new location, the file context may change. By adding an equivalence to the policy, restorecon and setfiles programs labeling the files correctly. For example, if you wanted to move the web pages directory from /var/www to /srv/www, you would run the following semanage command.

# semanage fcontext -a -e /var/www /srv/www

This makes the /srv/www directory equivalent to /var/www/; thus, files under this directory will be labeled the same as if the files were in /var/www. To modify the equivalence:

# semanage fcontext -m -e /var/www/ /srv/www

To delete the equivalency:

# semanage fcontext -d /srv/www

Test it out by making a /srv/www directory and running restorecon on it:

# restorecon /src/www