5.10.2. Moving Files and Directories
File and directories keep their current SELinux context when they are moved. In many cases, this is incorrect for the location they are being moved to. The following example demonstrates moving a file from a user's home directory to /var/www/html/
, which is used by the Apache HTTP Server. Since the file is moved, it does not inherit the correct SELinux context:
By default, the Apache HTTP Server can not read files that are labeled with the user_home_t
type. If all files comprising a web page are labeled with the user_home_t
type, or another type that the Apache HTTP Server can not read, permission is denied when attempting to access them via Firefox or text-based Web browsers.
Important
Moving files and directories with the mv
command may result in the wrong SELinux context, preventing processes, such as the Apache HTTP Server and Samba, from accessing such files and directories.