此内容没有您所选择的语言版本。
5.2. Types
	The main permission control method used in SELinux targeted policy to provide advanced process isolation is Type Enforcement. All files and processes are labeled with a type: types define a SELinux domain for processes and a SELinux type for files. SELinux policy rules define how types access each other, whether it be a domain accessing a type, or a domain accessing another domain. Access is only allowed if a specific SELinux policy rule exists that allows it.
			By default, mounted NFS volumes on the client side are labeled with a default context defined by policy for NFS. In common policies, this default context uses the 
nfs_t type. The following types are used with NFS. Different types allow you to configure flexible access:
		- var_lib_nfs_t
- This type is used for existing and new files copied to or created in the/var/lib/nfs/directory. This type should not need to be changed in normal operation. To restore changes to the default settings, run therestorecon -R -v /var/lib/nfscommand as the root user.
- nfsd_exec_t
- The/usr/sbin/rpc.nfsdfile is labeled with thenfsd_exec_t, as are other system executables and libraries related to NFS. Users should not label any files with this type.nfsd_exec_twill transition tonfsd_t.