rdist and selinux (was: A Modest Suggestion to make SElinux usable.)
Stephen Smalley
sds at tycho.nsa.gov
Tue Jun 2 16:53:02 UTC 2009
On Tue, 2009-06-02 at 08:05 -0700, Wolfgang S. Rupprecht wrote:
>
> Adam Williamson <awilliam at redhat.com> writes:
> > ...when SELinux blocks a legitimate operation on your system, file a bug
> > on it, with the appropriate information included.
>
> This brings me to a question. What do other folks do when running
> rdist(1) (or similar) on a system that has selinux enabled? I just
> succeeded in locking myself out of a remote system when it updated
> */.ssh/authorized_keys and the context was updated in a way that was
> distasteful to selinux.
>
> Looking at the rdist man page I see no indication that rdist understands
> contexts and tries to preserve them. Is this true? Bug? RFE?
rsync supports preserving xattrs if you run it with the -X option.
I'm not aware of similar support for rdist. Any particular reason for
using rdist rather than rsync?
--
Stephen Smalley
National Security Agency
More information about the fedora-test-list
mailing list