[Libguestfs] SELinux relabel API
Colin Walters
walters at redhat.com
Sat May 24 15:39:02 UTC 2014
> Dan Walsh helpfully pointed out to us that we've been doing it wrong
> all along :-) A much better way to relabel is to run:
>
> setfiles /etc/selinux/targeted/contexts/files/file_contexts DIR
Yes, this is what I'm doing with OSTree. However in the general cross
labeling case it has a subtle issue with PCRE:
http://comments.gmane.org/gmane.comp.security.selinux/20214
There is of course always the potential issue for incompatible future
changes in the file_contexts format.
My current workaround is:
https://github.com/cgwalters/rpm-ostree/commit/0cb346b798aead0fd544e2c9ef45f1817ba19434
More information about the Libguestfs
mailing list