Re: fixfile.cron added.

Wednesday, 7 July 2004

On Thu, 2004-07-01 at 08:14, Daniel J Walsh wrote:
...
 Todays policycoreutils has a new cron job, fixfiles.cron, that will
run 
 in /etc/cron.daily.   This script will run a check on the file system on 
 a daily basis looking for file contexts in the wrong state.  It will 
 them mail a list of files with the incorrect context to the root account. 

 The following environment variables are set and can be overridden in the 
 /etc/selinux/config directory.

 CRONTYPE="check"  # You could change this to "restore" to have the 
 script automatically clean up
 INVALIDFILE=/var/tmp/badcontext # Name of the file to store the 
 badcontext file list
 CRONMAILTO="root"  # Account to send mail to

 Suggestions on improvements?  Comments? 
Has the policy been adjusted to allow this to run?  Is it being run in
system_crond_t (I would assume, given that it is under /etc/cron.daily)
or sysadm_crond_t (should only be applied to /var/spool/cron/root)?

-- 
Stephen Smalley <sds(a)epoch.ncsc.mil&gt;
National Security Agency

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Re: fixfile.cron added.