Unable to change user in security context of symlink
I have created a few symbolic links to replace some broken links in /etc/pam.d. The original links have system_u as the user. The newly created ones somehow have unconfined_u as the user. I am not sure if there are any security implications to this, though the target files all have system_u as the user.
I tried the following:
# restorecon -v thefilename
and
# chcon -v -u system_u thefilename
Both methods do not lead to any change to the user in SELinux security context. Why is that so? Is there any security risk if I don't change the user? And how to make the change?
The SELinux user is ignored in the default targeted policy. It is fine to leave them as is, unless you plan to use the strict or mls policies, or use confined users.
As for changing the context of a symbolic link, you need to use the -h option to chcon so that it changes the context of the symlink, rather than the file to which it points.
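The following is an added example, not part of the original question or answer: a small audit script that finds symlinks whose own SELinux user differs from their target's and prints the chcon -h command for each. The function names (ctx_user, relabel_cmd, audit_links) are hypothetical, the sample contexts are constructed, and it assumes GNU stat, whose %C format prints the SELinux context.

```shell
#!/bin/sh
# Added example: report symlinks whose own SELinux user differs from the
# user on the file they point to. Function names are hypothetical.

# Extract the user field (first colon-separated field) from a context
# string such as "system_u:object_r:etc_t:s0".
ctx_user() {
    printf '%s\n' "${1%%:*}"
}

# Given a link path, the link's context and the target's context, print the
# chcon command that aligns the link's user with the target's user.
# Prints nothing when the users already match.
relabel_cmd() {
    link=$1 link_ctx=$2 target_ctx=$3
    lu=$(ctx_user "$link_ctx")
    tu=$(ctx_user "$target_ctx")
    if [ "$lu" != "$tu" ]; then
        # -h makes chcon act on the symlink itself instead of following it
        printf "chcon -h -u %s '%s'\n" "$tu" "$link"
    fi
}

# Walk one directory. stat without -L reads the link's own context;
# stat -L follows the link and reads the target's context.
audit_links() {
    dir=$1
    find "$dir" -maxdepth 1 -type l | while IFS= read -r link; do
        link_ctx=$(stat -c %C "$link") || continue
        # A broken link has no target to compare against, so skip it.
        target_ctx=$(stat -L -c %C "$link" 2>/dev/null) || continue
        relabel_cmd "$link" "$link_ctx" "$target_ctx"
    done
}

if [ "$#" -gt 0 ]; then
    audit_links "$1"
else
    # Constructed sample contexts (not taken from a real system)
    relabel_cmd /etc/pam.d/example-link \
        unconfined_u:object_r:etc_t:s0 system_u:object_r:etc_t:s0
fi
```

The script only prints commands for review; it does not change any labels itself.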