restorecon isn't restoring what matchpathcon shows
Daniel J Walsh
dwalsh at redhat.com
Fri Nov 21 20:03:46 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Chuck Anderson wrote:
>>> [root at l 9:08:23 /home/install]#ls -lZd Templates
>>> drwxr-xr-x install install unconfined_u:object_r:user_home_t:s0
>>> Templates/
>>>
>>> Why does this happen?
>> The type is correct; only the user is wrong. restorecon ignores
>> differences in the user by default. restorecon -F if you truly care.
>
> Thanks for the clarification. I'm sure I got tripped up by this
> before...
>
> I was getting lots of SELinux alerts related to
> /home/<user>/.{gconf,ssh,...} dotfiles.
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
These were probably related to nsplugin_t, which requires the homedir to
be labeled correctly. You can use restorecond to help you manage this.
User componant of selinux context is pretty much ignored in targeted policy.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkknFCIACgkQrlYvE4MpobMMkwCeMzMCr4nbJywNlK1Aj2xW20gz
28EAn3fYUdH+c5VC73jMuWqv4ZdKYzPq
=c5TP
-----END PGP SIGNATURE-----
More information about the fedora-selinux-list
mailing list