SELinux not allowing read files on ~/.cert












4















I'm new to Fedora 23 and SELinux. I use an OpenVPN client through NetworkManager. I stored all the files I needed OpenVPN to access (certificate, CA and private key) inside ~/.cert and ran updatecon -R -v ~/.cert. However, I'm still getting AVC errors from SELinux, who won't let OpenVPN access such files. This the relevant portion of the output of grep AVC /var/log/audit/audit.log | less:



type=AVC msg=audit(1457179403.296:364): avc:  denied  { open } for  pid=2608 comm="nm-openvpn-serv" path="/home/ggoncalves/.cert/ggoncalves.key" dev="dm-2" ino=2888752 scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:object_r:svirt_sandbox_file_t:s0:c50,c545 tclass=file permissive=0

type=AVC msg=audit(1457179403.296:365): avc:  denied  { open } for  pid=2608 comm="nm-openvpn-serv" path="/home/ggoncalves/.cert/ggoncalves.key" dev="dm-2" ino=2888752 scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:object_r:svirt_sandbox_file_t:s0:c50,c545 tclass=file permissive=0

type=AVC msg=audit(1457179403.330:366): avc:  denied  { read } for  pid=2611 comm="openvpn" name="lastline-ca.crt" dev="dm-2" ino=2888749 scontext=system_u:system_r:openvpn_t:s0 tcontext=system_u:object_r:svirt_sandbox_file_t:s0:c50,c545 tclass=file permissive=0

type=AVC msg=audit(1457179403.332:367): avc:  denied  { read } for  pid=2611 comm="openvpn" name="ggoncalves.crt" dev="dm-2" ino=2888751 scontext=system_u:system_r:openvpn_t:s0 tcontext=system_u:object_r:svirt_sandbox_file_t:s0:c50,c545 tclass=file permissive=0

type=AVC msg=audit(1457179403.332:368): avc:  denied  { read } for  pid=2611 comm="openvpn" name="ggoncalves.key" dev="dm-2" ino=2888752 scontext=system_u:system_r:openvpn_t:s0 tcontext=system_u:object_r:svirt_sandbox_file_t:s0:c50,c545 tclass=file permissive=0


Since I've only been using SELinux for a few days, I have no clue where to start looking for this. Any hints?



Edit: It seems to me that the problem is in the svirt_sandbox_file_t label. I believe those files should be labelled home_cert_t.



Edit 2: In fact, my whole home directory has been labeled svirt_sandbox_file_t for some reason. Is this a feature or a bug of Docker policies?



Update



Alright, this took a while. Let me further describe the issue, in case someone ends up going through the same. Turns out the svirt_sandbox_file_t had been attributed by Docker when I mounted my home directory as a volume with the :Z flag (as described here). Docker then recursively applied that label to my entire home dir, and somehow neither reconfiguring the FS labels nor applying restorecon worked.



To restore my home to the original permissions, I rsync'd it to a temporary folder, deleted everything in it and rsync'd back. Not the brightest idea, but it worked. Hope this helps.






fedora openvpn selinux







share|improve this question

























  • Don't mount your home directory as a Docker volume, only chosen subdirectories of the home directory.

    – Michael Hampton
    Feb 18 at 15:37


















4















I'm new to Fedora 23 and SELinux. I use an OpenVPN client through NetworkManager. I stored all the files I needed OpenVPN to access (certificate, CA and private key) inside ~/.cert and ran updatecon -R -v ~/.cert. However, I'm still getting AVC errors from SELinux, who won't let OpenVPN access such files. This the relevant portion of the output of grep AVC /var/log/audit/audit.log | less:



type=AVC msg=audit(1457179403.296:364): avc:  denied  { open } for  pid=2608 comm="nm-openvpn-serv" path="/home/ggoncalves/.cert/ggoncalves.key" dev="dm-2" ino=2888752 scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:object_r:svirt_sandbox_file_t:s0:c50,c545 tclass=file permissive=0

type=AVC msg=audit(1457179403.296:365): avc:  denied  { open } for  pid=2608 comm="nm-openvpn-serv" path="/home/ggoncalves/.cert/ggoncalves.key" dev="dm-2" ino=2888752 scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:object_r:svirt_sandbox_file_t:s0:c50,c545 tclass=file permissive=0

type=AVC msg=audit(1457179403.330:366): avc:  denied  { read } for  pid=2611 comm="openvpn" name="lastline-ca.crt" dev="dm-2" ino=2888749 scontext=system_u:system_r:openvpn_t:s0 tcontext=system_u:object_r:svirt_sandbox_file_t:s0:c50,c545 tclass=file permissive=0

type=AVC msg=audit(1457179403.332:367): avc:  denied  { read } for  pid=2611 comm="openvpn" name="ggoncalves.crt" dev="dm-2" ino=2888751 scontext=system_u:system_r:openvpn_t:s0 tcontext=system_u:object_r:svirt_sandbox_file_t:s0:c50,c545 tclass=file permissive=0

type=AVC msg=audit(1457179403.332:368): avc:  denied  { read } for  pid=2611 comm="openvpn" name="ggoncalves.key" dev="dm-2" ino=2888752 scontext=system_u:system_r:openvpn_t:s0 tcontext=system_u:object_r:svirt_sandbox_file_t:s0:c50,c545 tclass=file permissive=0


Since I've only been using SELinux for a few days, I have no clue where to start looking for this. Any hints?



Edit: It seems to me that the problem is in the svirt_sandbox_file_t label. I believe those files should be labelled home_cert_t.



Edit 2: In fact, my whole home directory has been labeled svirt_sandbox_file_t for some reason. Is this a feature or a bug of Docker policies?



Update



Alright, this took a while. Let me further describe the issue, in case someone ends up going through the same. Turns out the svirt_sandbox_file_t had been attributed by Docker when I mounted my home directory as a volume with the :Z flag (as described here). Docker then recursively applied that label to my entire home dir, and somehow neither reconfiguring the FS labels nor applying restorecon worked.



To restore my home to the original permissions, I rsync'd it to a temporary folder, deleted everything in it and rsync'd back. Not the brightest idea, but it worked. Hope this helps.






fedora openvpn selinux







share|improve this question

























  • Don't mount your home directory as a Docker volume, only chosen subdirectories of the home directory.

    – Michael Hampton
    Feb 18 at 15:37
















4












4








4








I'm new to Fedora 23 and SELinux. I use an OpenVPN client through NetworkManager. I stored all the files I needed OpenVPN to access (certificate, CA and private key) inside ~/.cert and ran updatecon -R -v ~/.cert. However, I'm still getting AVC errors from SELinux, who won't let OpenVPN access such files. This the relevant portion of the output of grep AVC /var/log/audit/audit.log | less:



type=AVC msg=audit(1457179403.296:364): avc:  denied  { open } for  pid=2608 comm="nm-openvpn-serv" path="/home/ggoncalves/.cert/ggoncalves.key" dev="dm-2" ino=2888752 scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:object_r:svirt_sandbox_file_t:s0:c50,c545 tclass=file permissive=0

type=AVC msg=audit(1457179403.296:365): avc:  denied  { open } for  pid=2608 comm="nm-openvpn-serv" path="/home/ggoncalves/.cert/ggoncalves.key" dev="dm-2" ino=2888752 scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:object_r:svirt_sandbox_file_t:s0:c50,c545 tclass=file permissive=0

type=AVC msg=audit(1457179403.330:366): avc:  denied  { read } for  pid=2611 comm="openvpn" name="lastline-ca.crt" dev="dm-2" ino=2888749 scontext=system_u:system_r:openvpn_t:s0 tcontext=system_u:object_r:svirt_sandbox_file_t:s0:c50,c545 tclass=file permissive=0

type=AVC msg=audit(1457179403.332:367): avc:  denied  { read } for  pid=2611 comm="openvpn" name="ggoncalves.crt" dev="dm-2" ino=2888751 scontext=system_u:system_r:openvpn_t:s0 tcontext=system_u:object_r:svirt_sandbox_file_t:s0:c50,c545 tclass=file permissive=0

type=AVC msg=audit(1457179403.332:368): avc:  denied  { read } for  pid=2611 comm="openvpn" name="ggoncalves.key" dev="dm-2" ino=2888752 scontext=system_u:system_r:openvpn_t:s0 tcontext=system_u:object_r:svirt_sandbox_file_t:s0:c50,c545 tclass=file permissive=0


Since I've only been using SELinux for a few days, I have no clue where to start looking for this. Any hints?



Edit: It seems to me that the problem is in the svirt_sandbox_file_t label. I believe those files should be labelled home_cert_t.



Edit 2: In fact, my whole home directory has been labeled svirt_sandbox_file_t for some reason. Is this a feature or a bug of Docker policies?



Update



Alright, this took a while. Let me further describe the issue, in case someone ends up going through the same. Turns out the svirt_sandbox_file_t had been attributed by Docker when I mounted my home directory as a volume with the :Z flag (as described here). Docker then recursively applied that label to my entire home dir, and somehow neither reconfiguring the FS labels nor applying restorecon worked.



To restore my home to the original permissions, I rsync'd it to a temporary folder, deleted everything in it and rsync'd back. Not the brightest idea, but it worked. Hope this helps.






fedora openvpn selinux







share|improve this question
















I'm new to Fedora 23 and SELinux. I use an OpenVPN client through NetworkManager. I stored all the files I needed OpenVPN to access (certificate, CA and private key) inside ~/.cert and ran updatecon -R -v ~/.cert. However, I'm still getting AVC errors from SELinux, who won't let OpenVPN access such files. This the relevant portion of the output of grep AVC /var/log/audit/audit.log | less:



type=AVC msg=audit(1457179403.296:364): avc:  denied  { open } for  pid=2608 comm="nm-openvpn-serv" path="/home/ggoncalves/.cert/ggoncalves.key" dev="dm-2" ino=2888752 scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:object_r:svirt_sandbox_file_t:s0:c50,c545 tclass=file permissive=0

type=AVC msg=audit(1457179403.296:365): avc:  denied  { open } for  pid=2608 comm="nm-openvpn-serv" path="/home/ggoncalves/.cert/ggoncalves.key" dev="dm-2" ino=2888752 scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:object_r:svirt_sandbox_file_t:s0:c50,c545 tclass=file permissive=0

type=AVC msg=audit(1457179403.330:366): avc:  denied  { read } for  pid=2611 comm="openvpn" name="lastline-ca.crt" dev="dm-2" ino=2888749 scontext=system_u:system_r:openvpn_t:s0 tcontext=system_u:object_r:svirt_sandbox_file_t:s0:c50,c545 tclass=file permissive=0

type=AVC msg=audit(1457179403.332:367): avc:  denied  { read } for  pid=2611 comm="openvpn" name="ggoncalves.crt" dev="dm-2" ino=2888751 scontext=system_u:system_r:openvpn_t:s0 tcontext=system_u:object_r:svirt_sandbox_file_t:s0:c50,c545 tclass=file permissive=0

type=AVC msg=audit(1457179403.332:368): avc:  denied  { read } for  pid=2611 comm="openvpn" name="ggoncalves.key" dev="dm-2" ino=2888752 scontext=system_u:system_r:openvpn_t:s0 tcontext=system_u:object_r:svirt_sandbox_file_t:s0:c50,c545 tclass=file permissive=0


Since I've only been using SELinux for a few days, I have no clue where to start looking for this. Any hints?



Edit: It seems to me that the problem is in the svirt_sandbox_file_t label. I believe those files should be labelled home_cert_t.



Edit 2: In fact, my whole home directory has been labeled svirt_sandbox_file_t for some reason. Is this a feature or a bug of Docker policies?



Update



Alright, this took a while. Let me further describe the issue, in case someone ends up going through the same. Turns out the svirt_sandbox_file_t had been attributed by Docker when I mounted my home directory as a volume with the :Z flag (as described here). Docker then recursively applied that label to my entire home dir, and somehow neither reconfiguring the FS labels nor applying restorecon worked.



To restore my home to the original permissions, I rsync'd it to a temporary folder, deleted everything in it and rsync'd back. Not the brightest idea, but it worked. Hope this helps.






fedora openvpn selinux




fedora openvpn selinux






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Mar 6 '16 at 0:57







Guilherme

















asked Mar 5 '16 at 12:18









GuilhermeGuilherme

15517




15517













  • Don't mount your home directory as a Docker volume, only chosen subdirectories of the home directory.

    – Michael Hampton
    Feb 18 at 15:37





















  • Don't mount your home directory as a Docker volume, only chosen subdirectories of the home directory.

    – Michael Hampton
    Feb 18 at 15:37



















Don't mount your home directory as a Docker volume, only chosen subdirectories of the home directory.

– Michael Hampton
Feb 18 at 15:37







Don't mount your home directory as a Docker volume, only chosen subdirectories of the home directory.

– Michael Hampton
Feb 18 at 15:37












1 Answer
1






active

oldest

votes


















3














Target context type of the files is still wrong:



svirt_sandbox_file_t


The files in ~/.cert should be labeled as home_cert_t. Give it a try once more with



restorecon -Rf ~/.cert


or try to force the type:



chcon -t home_cert_t ~/.cert/*


It might be possible that there is some bug in selinux-policy or docker selinux policy that causes wrong default labeling.






share|improve this answer


























  • Nope, still restoring to svirt_sandbox_file_t. I believe this has happened when I installed Docker...

    – Guilherme
    Mar 5 '16 at 13:02











  • Give it a try with chcon. I am not unfortunately didn't find such a bug, but I would blame docker.

    – Jakuje
    Mar 5 '16 at 13:12











  • chcon does fix it. Will this persist across reboots and FS changes?

    – Guilherme
    Mar 5 '16 at 13:17











  • Yes. It should persist over reboot, if you will not trigger relabel (or if Docker does not enforce it somehow).

    – Jakuje
    Mar 5 '16 at 13:18






  • 2





    You can achieve complete relabel during reboot by touch /.autorelabel and then rebooting system.

    – Jakuje
    Mar 5 '16 at 13:33













Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f267789%2fselinux-not-allowing-read-files-on-cert%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









3














Target context type of the files is still wrong:



svirt_sandbox_file_t


The files in ~/.cert should be labeled as home_cert_t. Give it a try once more with



restorecon -Rf ~/.cert


or try to force the type:



chcon -t home_cert_t ~/.cert/*


It might be possible that there is some bug in selinux-policy or docker selinux policy that causes wrong default labeling.






share|improve this answer


























  • Nope, still restoring to svirt_sandbox_file_t. I believe this has happened when I installed Docker...

    – Guilherme
    Mar 5 '16 at 13:02











  • Give it a try with chcon. I am not unfortunately didn't find such a bug, but I would blame docker.

    – Jakuje
    Mar 5 '16 at 13:12











  • chcon does fix it. Will this persist across reboots and FS changes?

    – Guilherme
    Mar 5 '16 at 13:17











  • Yes. It should persist over reboot, if you will not trigger relabel (or if Docker does not enforce it somehow).

    – Jakuje
    Mar 5 '16 at 13:18






  • 2





    You can achieve complete relabel during reboot by touch /.autorelabel and then rebooting system.

    – Jakuje
    Mar 5 '16 at 13:33


















3














Target context type of the files is still wrong:



svirt_sandbox_file_t


The files in ~/.cert should be labeled as home_cert_t. Give it a try once more with



restorecon -Rf ~/.cert


or try to force the type:



chcon -t home_cert_t ~/.cert/*


It might be possible that there is some bug in selinux-policy or docker selinux policy that causes wrong default labeling.






share|improve this answer


























  • Nope, still restoring to svirt_sandbox_file_t. I believe this has happened when I installed Docker...

    – Guilherme
    Mar 5 '16 at 13:02











  • Give it a try with chcon. I am not unfortunately didn't find such a bug, but I would blame docker.

    – Jakuje
    Mar 5 '16 at 13:12











  • chcon does fix it. Will this persist across reboots and FS changes?

    – Guilherme
    Mar 5 '16 at 13:17











  • Yes. It should persist over reboot, if you will not trigger relabel (or if Docker does not enforce it somehow).

    – Jakuje
    Mar 5 '16 at 13:18






  • 2





    You can achieve complete relabel during reboot by touch /.autorelabel and then rebooting system.

    – Jakuje
    Mar 5 '16 at 13:33
















3












3








3







Target context type of the files is still wrong:



svirt_sandbox_file_t


The files in ~/.cert should be labeled as home_cert_t. Give it a try once more with



restorecon -Rf ~/.cert


or try to force the type:



chcon -t home_cert_t ~/.cert/*


It might be possible that there is some bug in selinux-policy or docker selinux policy that causes wrong default labeling.






share|improve this answer















Target context type of the files is still wrong:



svirt_sandbox_file_t


The files in ~/.cert should be labeled as home_cert_t. Give it a try once more with



restorecon -Rf ~/.cert


or try to force the type:



chcon -t home_cert_t ~/.cert/*


It might be possible that there is some bug in selinux-policy or docker selinux policy that causes wrong default labeling.







share|improve this answer














share|improve this answer



share|improve this answer








edited Mar 5 '16 at 13:09

























answered Mar 5 '16 at 12:58









JakujeJakuje

16.5k53155




16.5k53155













  • Nope, still restoring to svirt_sandbox_file_t. I believe this has happened when I installed Docker...

    – Guilherme
    Mar 5 '16 at 13:02











  • Give it a try with chcon. I am not unfortunately didn't find such a bug, but I would blame docker.

    – Jakuje
    Mar 5 '16 at 13:12











  • chcon does fix it. Will this persist across reboots and FS changes?

    – Guilherme
    Mar 5 '16 at 13:17











  • Yes. It should persist over reboot, if you will not trigger relabel (or if Docker does not enforce it somehow).

    – Jakuje
    Mar 5 '16 at 13:18






  • 2





    You can achieve complete relabel during reboot by touch /.autorelabel and then rebooting system.

    – Jakuje
    Mar 5 '16 at 13:33





















  • Nope, still restoring to svirt_sandbox_file_t. I believe this has happened when I installed Docker...

    – Guilherme
    Mar 5 '16 at 13:02











  • Give it a try with chcon. I am not unfortunately didn't find such a bug, but I would blame docker.

    – Jakuje
    Mar 5 '16 at 13:12











  • chcon does fix it. Will this persist across reboots and FS changes?

    – Guilherme
    Mar 5 '16 at 13:17











  • Yes. It should persist over reboot, if you will not trigger relabel (or if Docker does not enforce it somehow).

    – Jakuje
    Mar 5 '16 at 13:18






  • 2





    You can achieve complete relabel during reboot by touch /.autorelabel and then rebooting system.

    – Jakuje
    Mar 5 '16 at 13:33



















Nope, still restoring to svirt_sandbox_file_t. I believe this has happened when I installed Docker...

– Guilherme
Mar 5 '16 at 13:02





Nope, still restoring to svirt_sandbox_file_t. I believe this has happened when I installed Docker...

– Guilherme
Mar 5 '16 at 13:02













Give it a try with chcon. I am not unfortunately didn't find such a bug, but I would blame docker.

– Jakuje
Mar 5 '16 at 13:12





Give it a try with chcon. I am not unfortunately didn't find such a bug, but I would blame docker.

– Jakuje
Mar 5 '16 at 13:12













chcon does fix it. Will this persist across reboots and FS changes?

– Guilherme
Mar 5 '16 at 13:17





chcon does fix it. Will this persist across reboots and FS changes?

– Guilherme
Mar 5 '16 at 13:17













Yes. It should persist over reboot, if you will not trigger relabel (or if Docker does not enforce it somehow).

– Jakuje
Mar 5 '16 at 13:18





Yes. It should persist over reboot, if you will not trigger relabel (or if Docker does not enforce it somehow).

– Jakuje
Mar 5 '16 at 13:18




2




2





You can achieve complete relabel during reboot by touch /.autorelabel and then rebooting system.

– Jakuje
Mar 5 '16 at 13:33







You can achieve complete relabel during reboot by touch /.autorelabel and then rebooting system.

– Jakuje
Mar 5 '16 at 13:33




















draft saved

draft discarded




















































Thanks for contributing an answer to Unix & Linux Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f267789%2fselinux-not-allowing-read-files-on-cert%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

How to make a Squid Proxy server?

Image
1 I want to set up squid proxy server for monitoring user activity in a network and Internet Web URL filtering for user. I also want to configure the user login, user log, user access group, and block unwanted web sites in my network. Please help me and guide me the full process to do this. server proxy squid share | improve this question edited Jul 31 '12 at 14:45 Jorge Castro 37.1k 107 422 617 asked Jul 31 '12 at 5:16 Goivind Tiwari Goivind Tiwari
Read more

Is this a new Fibonacci Identity?

Image
6 1 $begingroup$ I have found the following Fibonacci Identity (and proved it). If $F_n$ denotes the nth Fibonacci Number, we have the following identity begin{equation} F_{n-r+h}F_{n+k+g+1} - F_{n-r+g}F_{n+k+h+1} = (-1)^{n+r+h+1} F_{g-h}F_{k+r+1} end{equation} where $F_1 = F_2 = 1$ , $r leq n$ , $h leq g$ , and $n, g, k in mathbb{N}$ . It is not too hard to show that this identity subsumes Cassini's Identity, Catalan's Identity, Vajda's Idenity, and d'Ocagne's identity to name a few. I have done a pretty thorough literature review, and I have not found anything like this, but I am still wondering if anyone has seen this identity before? I found this by accident after noticing some patterns in some analysis work I was doing, so if this is already known I would be curious to see w
Read more

19世紀

Image
この記事は検証可能な参考文献や出典が全く示されていないか、不十分です。 出典を追加して記事の信頼性向上にご協力ください。 ( 2012年3月 ) 千年紀: 2千年紀 世紀: 18世紀 - 19世紀 - 20世紀 十年紀: 1800年代 1810年代 1820年代 1830年代 1840年代 1850年代 1860年代 1870年代 1880年代 1890年代 19世紀に君臨した大英帝国。 19世紀 (じゅうきゅうせいき)は、西暦1801年から西暦1900年までの100年間を指す世紀。 目次 1 19世紀の歴史 1.1 国民国家の成立 1.2 帝国主義の興隆 1.3 列強の植民地争奪戦 2 できごと 2.1 1800年代 2.2 1810年代 2.3 1820年代 2.4 1830年代 2.5 1840年代 2.6 1850年代 2.7 1860年代 2.8 1870年代 2.9 1880年代 2.10 1890年代 2.11 1900年代 3 文化 3.1 文学 3.2 音楽 3.3 思想 3.4 科学 3.5 技術 4 人物 4.1 ヨーロッパ 4.1.1 政治家・王族 4.1.1.1 フランス 4.1.1.2 オーストリア=ハンガリー 4.1.1.3 ロシア 4.1.1.4 イギリス 4.1.1.5 ドイツ(プロイセンほかドイツ領邦を含む) 4.1.1.6 北欧 4.1.1.7 イタリア 4.1.1.8 スペイン 4.1.1.9 ベルギー 4.1.1.10 ギリシア 4.1.2 軍人 4.1.3 実業家 4.1.4 科学と技術 4.1.5 思想と哲学・人文諸学 4.1.6 宗教 4.1.7 文学 4.1.8 美術 4.1.9 音楽 4.1.10 社会事業家 4.1.11 探検家・旅行家 4.1.12 料
Read more