On Sun, 2012-08-19 at 13:24 -0700, Tom London wrote:
On Tue, Aug 14, 2012 at 2:21 PM, Dominick Grift
> You might want to check out the semanage --equiv option. (man semanage)
> That basically allows you to alias existing file context structures:
> Here's an example from man semanage:
> For home directories under top level directory, for
> example /disk6/home,
> execute the following commands.
> # semanage fcontext -a -t home_root_t "/disk6"
> # semanage fcontext -a -e /home /disk6/home
> # restorecon -R -v /disk6
> so in your case you might want to make /data equivalent to / or
> semanage fcontext -a -e / /data
> restorecon -R -v -F /data
> That should label /data root_t, /data/var var_t, /data/var/lib var_lib_t
> just as if it was your main file system.
So this sounds like exactly what I would like to do with my LUKS encrypted
USB backup drive.
Unfortunately, I'm stumbling across the fact that the drive is
'automagically' mounted (when I login or power it on), and it gets
mounted on /run/media/tbl/Backup1TB:
/run/media/tbl/Backup1TB type ext4
The 'semanage -e' command spews:
[root@tlondon ~]# semanage fcontext -a -e / /run/media/tbl/Backup1TB/X200
/sbin/semanage: File spec /run/media/tbl/Backup1TB/X200 conflicts with
equivalency rule '/run /var/run'; Try adding
Appears that '/var/run/media' doesn't exist on my system (I guess /run
and /var/run are not really 'equivalent'?).
Is this an issue with my system (e.g., do I need an explicit entry in
fstab or some such)? With the scaffolding that deals with /run and
/var/run? Other? Should this work?
I think the issue is due to using "-e" on a location that is already
/run is equivalent to /var/run, it seems that you can't currently make
such a location equivalent to something else again.
This is something to consider...
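
Added example, not part of either message and not semanage's own code: a small Python model of the conflict reported above, where a file spec is rejected because it lies under the source of an existing equivalence rule. The "source target" line format, the sample rules other than '/run /var/run', and the function names are assumptions made for illustration.

```python
"""Pre-check a path against file-context equivalence rules (simplified model)."""

# Constructed sample of "source target" equivalence lines; only the
# '/run /var/run' rule is taken from the error message in the thread.
SAMPLE_SUBS = """\
# constructed sample
/run /var/run
/lib64 /lib
"""


def parse_subs(text):
    """Return {source: target} from 'source target' lines, skipping comments."""
    rules = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        if len(parts) != 2:
            raise ValueError(f"malformed equivalence line: {line!r}")
        rules[parts[0]] = parts[1]
    return rules


def find_conflict(spec, rules):
    """Return (source, target, rewritten_spec) for the most specific rule
    whose source is a parent directory of spec, or None if no rule covers it."""
    spec = spec.rstrip("/") or "/"
    best = None
    for src, dst in rules.items():
        src_norm = src.rstrip("/")
        # Match on a path-component boundary so '/run' does not cover '/runner'.
        if spec.startswith(src_norm + "/"):
            if best is None or len(src_norm) > len(best[0]):
                best = (src_norm, src, dst)
    if best is None:
        return None
    src_norm, src, dst = best
    # The spec as it reads after substituting the rule's target for its source.
    return src, dst, dst.rstrip("/") + spec[len(src_norm):]


if __name__ == "__main__":
    rules = parse_subs(SAMPLE_SUBS)
    for path in ("/run/media/tbl/Backup1TB/X200", "/data"):
        print(path, "->", find_conflict(path, rules))
```

A result of None means no existing rule in the parsed set covers the path; a tuple names the rule that already applies and the path as it reads after substitution.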