CompTIA Linux+ XK0-006 (V8) Practice Question

The output of ls -Z is formatted as SELinux-user:role:type:level. Access decisions in the targeted policy are driven mainly by Type Enforcement rules that match the process domain against the object type. The file is labeled admin_home_t, a type intended for user-home data; the httpd_t domain is only allowed to read types such as httpd_sys_content_t. Because no rule permits httpd_t to read objects of type admin_home_t, the read request is denied. The SELinux user (system_u), role (object_r), and MLS sensitivity (s0) are irrelevant to this denial under the default targeted policy, so they are not the root cause.