I made a module that should (as I understand it) make the "/var/www/site/data/" have a RW context while the rest of the site is RO but when the module is installed it only changes the files in the data directory but not the context of the data dir itself.

I have tried adding a unique rule for that dir in case the wildcard was causing it to lose priority but no luck. I tried with and without a trailing forward slash and setting the module priority higher but still nothing. Any suggestions would be greatly appreciated. If there any more info I can provide LMK, thanks again.

Code: Select all

/var/www/site/                         --  gen_context(system_u:object_r:httpd_sys_content_t,s0)
/var/www/site/data(/.*)?      --  gen_context(system_u:object_r:httpd_sys_rw_content_t,s0)
/var/www/site/data/              --  gen_context(system_u:object_r:httpd_sys_rw_content_t,s0)

OK the answer was simple but I just couldn't find the documentation explaining the "--" in the second column means to only apply to files. Leaving it empty will apply to everything and "-d" will apply only to directories. I had thought it was just part of the syntax of the file so I has it on all my rules.