此内容没有您所选择的语言版本。
50.2.9. Specifying the Security Context of Entire File Systems
You can use the
mount -o context= command to set a single context for an entire file system. This might be a file system that is already mounted and that supports xattrs, or a network file system that obtains a genfs label such as cifs_t or nfs_t.
For example, if you need the Apache HTTP Server to read from a mounted directory or loopback file system, you need to set the type to
httpd_sys_content_t:
mount -t nfs -o context=system_u:object_r:httpd_sys_content_t \server1.example.com:/shared/scripts /var/www/cgi
Note
When troubleshooting
httpd and SELinux problems, reduce the complexity of your situation. For example, if you have the file system mounted at /mnt and then symbolically linked to /var/www/html/foo, you have two security contexts to be concerned with. Because one security context is of the object class file and the other of type lnk_file, they are treated differently by the policy and unexpected behavior may occur.
