differences between setfiles and restorecon? repeat of old thread?
Stephen Smalley
sds at tycho.nsa.gov
Mon Aug 29 13:42:14 UTC 2005
On Sat, 2005-08-27 at 12:58 -0700, Tom London wrote:
> 'setfiles -v /etc/selinux/targeted/contexts/files/file_contexts /' did
> the right thing.
>
> [Its almost as if restorecon is using the 'real' full pathname (with
> leading /mnt), and setfiles is using the 'chroot'ed' pathname (without
> the leading /mnt).]
BTW, I'm not sure what you mean by the above. setfiles does accept a -r
option to specify an alternate root path, so you can apply it to a
chroot setup without running it chroot'd itself. But without that
option, I wouldn't have expected it to touch /mnt at all, especially as
file_contexts marks it <<none>>.
--
Stephen Smalley
National Security Agency
More information about the fedora-selinux-list
mailing list