Wikipedia:Reference desk/Archives/Computing/2018 March 5
| Computing desk | ||
|---|---|---|
| < March 4 | << Feb | March | Apr >> | March 6 > |
| Welcome to the Wikipedia Computing Reference Desk Archives |
|---|
| The page you are currently viewing is a transcluded archive page. While you can leave answers for any questions shown below, please ask new questions on one of the current reference desk pages. |
March 5[edit]
Why are selinux contexts controlled via REs in /etc/selinux/targeted/contexts/files/ rather than directory inheritance[edit]
It seems odd to me that selinux facls are controlled by defaults in directories (setfacl -d) whereas contexts are stored as regular expressions in files via semanage. Why the difference? -- Q Chris (talk) 09:12, 5 March 2018 (UTC)
- Since there are no takers for this question I though I would add my own insight after working for a few days with selinux. It appears that facls are usually the concern of the sys admin, like the file groups and permissions. On the other hand contexts and policies are likely to be set by application developers and distribution packagers, so it is useful to have them defined in this way. - Q Chris (talk) 15:40, 9 March 2018 (UTC)