-----BEGIN PGP SIGNED MESSAGE-----
Does anything special have to be done to cause SELinux to start using
added local filecontexts? What I'm finding is that if I use semanage
fcontext -a to add a local filecontext definition, it is not used by
restorecon unless I specify the "-F" option. Without the "-F"
restorecon -vv <file_path> gives the following message:
/sbin/restorecon: <file_path> not reset customized by admin to
but restorecon -vv -F <file_path> gives this:
/sbin/restorecon reset <file_path> context
I've also tried using /usr/sbin/semodule --build to try rebuilding (and
reloading) the current policy, but that
didn't change the behavior I'm seeing.
Any suggestions would be greatly appreciated.
The only time you should need the -F would be if the previous context
was in /etc/selinux/targeted/contexts/customizable_types
I believe. The most common of these are httpd. This file is an
artifact of what we had to do before we had semanage.
If the file context is not listed in this file and you still need the
force, what is the the file context you are changing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----