setfiles takes the file_contexts file as the second parameter, if you
look at fixfiles that is all that it is doing is execing setfiles.
So with strict policy you would run
setfiles /etc/selinux/strict/contexts/files/file_contexts /home
to relabel homedirs.
After running fixfiles relabel you should always reboot in order to
start programs under the right context, If you do this in level 5 there
is a chance the applications will write files out with bad context after
the relabel, before the reboot.
David Balazic wrote:
>From: Russell Coker[SMTP:firstname.lastname@example.org]
>On Wed, 9 Jun 2004 17:42, David Balazic <david.balazic(a)hermes.si> wrote:
>>Because I get a failure right 5 minutes after installation.
>>I did a SELinux enabled install of FC2 ( Workstation type ).
>>In firstboot I created a user.
>This is a known bug, when firstboot creates a user it doesn't give the
>type to the home directory files. Running setfiles is the correct thing
>do. But you don't have to label the entire file system, just the home
>directory for the new user.
setfiles requires some "policy" argument, what do I use ?
Well, I just run "fixfiles relabel" ( not is runlevel 1, as suggested by
but level 5, is that a problem ? ).
Now login on VCx is OK, but login in X still does not work. Previously it
my home dir does not exist, but now after the "fix" , when I enter my
password an blank blue screen with a mouse pointer ( pointer, not sandwatch
and nothing happens. I waited 30 seconds and switched to VC1 to check out
happening, but then the screen started to blink. It went black for ~5
seconds, then back
to VC1 for a second , then black again and so on. Maybe the X server was
Any clues ?
fedora-selinux-list mailing list