selinux fixfiles context
Stephen Smalley
sds at epoch.ncsc.mil
Thu Apr 15 12:15:13 UTC 2004
On Thu, 2004-04-15 at 06:47, Thomas Molina wrote:
> Last night I decided to try something different. I dropped down into
> single user mode before relabeling. Since then, the avc denied messages
> have largely disappeared.
>
> Does system state matter, is single user mode irrelevant, or is there some
> other issue here?
It shouldn't matter, except for mount point directories themselves,
which can only be labeled by setfiles if the filesystem is unmounted.
But the policy typically allows the mount point directories to just have
the default file type, so that shouldn't present a problem for denials.
--
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the fedora-test-list
mailing list