An administrator needs to modify the file context type for a custom directory, /data/webapp, so that it matches the type used by web content in an SELinux environment. Which command should they use to accomplish this while ensuring the change is preserved by the default policy?
The command semanage fcontext -a -t httpd_sys_content_t '/data/webapp(/.*)?' is correct because semanage fcontext adds a persistent file-context rule to the SELinux policy. The -a option adds the rule, -t specifies the type, and the regular expression ensures the rule applies to the directory and its contents. As the rule is stored in file_contexts.local, it survives relabel operations and maintains consistency with policy defaults. The other options are incorrect:
chcon -t httpd_sys_content_t /data/webapp changes the label immediately but is not persistent after a relabel.
restorecon -v /data/webapp reapplies existing policy labels but cannot create a new mapping; it must follow a prior semanage fcontext rule to be effective.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is SELinux and why is it important?
Open an interactive chat with Bash
What does the command 'semanage fcontext' do in SELinux?
Open an interactive chat with Bash
What is the difference between 'chcon' and 'semanage'?