Backing up and restoring files
An important aspect to the availability of a system and the security of a service is to provide backup and restore services. For many, having a copy of the files available might seem sufficient as a backup approach. However, backups should contain more than just the content of a file.
How to do it…
When selecting a backup solution, make sure to check for the following:
- A selection of the extended attributes of the files should be backed up as well (and not only the
security.selinux
one). - When files are restored onto their original location, the SELinux context should be restored with it as well. If the backup solution doesn't support SELinux contexts, the
restorecon
command should be invoked afterwards against the restored file(s). - When files are restored into a temporary area, the SELinux context should not be restored. Instead, the administrator should put the file back in place and restore the context afterwards.
- The SELinux configuration in
/etc...