我目前正在学习 SELinux。我正在按照RedHat 的 SELinux 文档中的说明进行操作。键入以下命令后,我确实成功了:
mkdir /mywebsite
//add something to /mywebsite/index.html
semanage fcontext -a -t httpd_sys_content_t "/mywebsite(/.*)?"
restorecon -R -v /mywebsite //everythins worked well by then
但后来我做了更多的事情:
chcon -R -t httpd_sys_content_t /mywebsite //I can't access index.html now, as expected
restorecon -R -v /mywebsite //Still can't access index.html!!
semanage fcontext -a -t httpd_sys_content_t "/mywebsite(/.*)?"
restorecon -R -v /mywebsite //didn't work, either
ls -dZ /mywebsite // unconfined_u:object_r:httpd_sys_content_t:s0
Firefox 中的错误消息是:
Forbidden
You don't have permission to access /index.html on this server. …在 的手册页中grep,我看到
The symbols \< and \> respectively match the empty string at the beginning and
end of a word. The symbol \b matches the empty string at the edge of a word.
但我仍然无法弄清楚其中的区别。对我来说,\b是 Perl 的词边界表示法,而\<Vim 的表示法也是出于同样的目的。
PS:英语不是我的母语。如果差异对您来说很明显,请原谅我。