the labeling procedure
Steve Brueckner
steve at atc-nycorp.com
Mon Jun 27 16:00:39 UTC 2005
I'm having some problems with some of my filesystem labeling. I'm running
FC3 with the latest SELinux updates (but not rawhide).
When I run #make relabel, /home gets labeled as default_t. However, when I
run #/sbin/restorecon /home, /home gets labeled as home_root_t. This
confuses me, since according to the O'Reilly book both commands refer to
/src/policy/file_contexts/file_contexts. Where else might /sbin/restorecon
be getting its information from?
Furthermore, I notice that /src/policy/file_contexts/file_contexts does not
contain the string home_root_t. I suppose that home_root_t comes from the
homedir_template file during the Make process, but then why doesn't #make
relabel correctly label /home?
I also notice that my context/files/file_contexts file is stale. Doing
#make relabel or #make reload doesn't update it. Does this file ever get
referenced anyway, since all the relabeling utilities seem to use
/src/policy/file_contexts/file_contexts instead? If it does get used, who
uses it? And how can I be sure it gets updated to match
src/policy/file_contexts/file_contexts?
Any help in demystifying the file labeling procedure is appreciated!
Thanks,
Stephen Brueckner, ATC-NY
More information about the selinux
mailing list