[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: /sbin/restorecon and hard links



On Wed, 2006-02-15 at 09:33 -0500, Chuck Anderson wrote:
> On Wed, Feb 15, 2006 at 09:01:32AM -0500, Stephen Smalley wrote:
> > Yes, running restorecon on /home by root considered harmful,
> 
> What is a safe way to run restorecon on /home?  Should I su to each 
> user and do their home directory separately from all others?

The real question is why do you need to do it?  If the labels are set up
properly on installation and when the user's account is first created,
then you shouldn't need to do it subsequently, and the user can run
restorecon themselves on their own home directory if they encounter
issues.  su has its own issues irrespective of SELinux; never su to an
untrusted account.

-- 
Stephen Smalley
National Security Agency


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]