Thank you.

If the "file_t" is ok for usb pen drive, good. I understand.

The fact is, one program made an SELinux error, it's name is colord_t.
The error was colord_t could not write to file_t or something...


"colord.te" may have "files_rw_all_files" ?


I don't know anything on colord so I may be mistaken.


Maybe my question is on colord_t cannot write to file_t.

I thought if the pen drive's lost+found directory was labeled lost_found_t, but my impression now is this is the problem on colord_t.




2013/10/28 Daniel J Walsh <dwalsh@redhat.com>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 10/26/2013 07:50 PM, Shintaro Fujiwara wrote:
> HI, I have a question on lost_found_t.
>
> When I plug up my usb pen drive and issue this command,
>
> # mkfs -t ext4 /dev/sdb
>
> After succeeding making file system in the usb device ,Fedora auto-detects
> the usb device and I found lost+found directory in the device labeled
> file_t.
>
> I can use pen drive alright, but isn't it good to label lost+found
> lost_found_t ?
>
> I made a local policy to label it, but I could not, although I could
> install module itself and restorecon the directory.
>
> restorecon said,
>
> [root@localhost ~]# restorecon -rv /run/media restorecon:  Warning no
> default label for /run/media/fujiwara restorecon:  Warning no default label
> for /run/media/fujiwara/64d4a696-14af-46fb-bcd1-1762f1f688bd restorecon:
> Warning no default label for
> /run/media/fujiwara/64d4a696-14af-46fb-bcd1-1762f1f688bd/lost+found
>
> Why lost+found directory in the usb pen drive not permitted to label by
> default?
>
> Thanks in advance.
>
>
> -- selinux mailing list selinux@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
>
restorecon is basically saying that it has no idea what labels to use for
ontent under /run/media.  file_t could very well be an ok label for this.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlJuasAACgkQrlYvE4MpobPZ6ACfRBOwyvLadH0wySfe7SZiAn4F
n5AAnRVjwU7VlYSC3dFIBVHI9+7SMX9Q
=nuzJ
-----END PGP SIGNATURE-----



--
http://intrajp.no-ip.com/ Home Page