Type Enforcement is the main permission control used in SELinux targeted policy. All files and processes are labeled with a type: types define a domain for processes and a type for files. SELinux policy rules define how types access each other, whether it be a domain accessing a type, or a domain accessing another domain. Access is only allowed if a specific SELinux policy rule exists that allows it.
The following types are used with rsync
. Different types all you to configure flexible access:
public_content_t
This is a generic type used for the location of files (and the actual files) to be shared via rsync
. If a special directory is created to house files to be shared with rsync
, the directory and its contents need to have this label applied to them.
rsync_exec_t
This type is used for the /usr/bin/rsync
system binary.
rsync_log_t
This type is used for the rsync
log file, located at /var/log/rsync.log
by default. To change the location of the file rsync logs to, use the --log-file=FILE
option to the rsync
command at run-time.
rsync_var_run_t
This type is used for the rsyncd
lock file, located at /var/run/rsyncd.lock
. This lock file is used by the rsync
server to manage connection limits.