Finding unlabeled files?
Thomas Bleher
bleher at informatik.uni-muenchen.de
Sun May 30 22:54:03 UTC 2004
* Tom London <selinux at comcast.net> [2004-05-30 20:12]:
> I understand its 'safer' to run 'fixfiles relabel', but some vestigial
> unlabeled files seem to remain...
Look into your policy for file contexts which specify "<<none>>" as
context. This means that setfiles does not touch these files at all, as
they can not be properly labeled by looking at the file name; so it is
best to leave them alone.
If you come from a non-SELinux system you should probably delete all
these files[0] and reboot.
Thomas
[0] the policy I'm looking right now has <<none>> only for files which
can be safely deleted if the system is in single user mode and is
restarted immediately afterwards.
--
http://www.cip.ifi.lmu.de/~bleher/selinux/ - my SELinux pages
GPG-Fingerprint: BC4F BB16 30D6 F253 E3EA D09E C562 2BAE B2F4 ABE7
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20040531/9563508a/attachment.sig>
More information about the fedora-selinux-list
mailing list