bind-mounted homedirs
Stephen Smalley
sds at tycho.nsa.gov
Tue Feb 17 19:29:18 UTC 2009
On Thu, 2009-01-22 at 14:15 +0000, Paul Howarth wrote:
> On a RHEL 5 server I have bind-mounted home directories, where the data
> on the server actually lives in /srv/homes but this is bind-mounted to
> /nis-home. The user home directories in LDAP refer to the /nis-home
> locations.
>
> When I updated to the 5.3 selinux policy, everything under /srv/homes
> got relabelled based on the /srv/homes pathname rather than the
> /nis-home pathname. What would be the best way of preventing this from
> happening in the future?
If you just want to prevent automatic relabeling from touching that tree
at all, just add a "<<none>>" entry for it to file_contexts, e.g.
semanage fcontext -a -t "<<none>>" "/srv/homes(/.*)?"
--
Stephen Smalley
National Security Agency
More information about the fedora-selinux-list
mailing list