OS: SL7.3, policycoreutils-2.5-11.el7_3.x86_64
I have a cluster with quite a few user home directories automounted from a NFS server. I have found that if too many (> ~1000) home directories are mounted, restorecon spits out the following:
# restorecon -R /var/lib/boinc Maximum excludes 1000 exceeded. [repeats hundreds of times]
This message pops up even when I'm not relabeling a part of the filesystem that's unmounted. If I reduce the number of automounted home directories, then the message goes away.
I get similar messages when loading and unloading custom selinux policy modules.
Will this actually prevent restorecon from relabeling files?
Is there a dynamic way to increase this limit to make the messages go away?
--Wart
On Thu, 2017-10-26 at 16:59 -0500, Wart wrote:
OS: SL7.3, policycoreutils-2.5-11.el7_3.x86_64
I have a cluster with quite a few user home directories automounted from a NFS server. I have found that if too many (> ~1000) home directories are mounted, restorecon spits out the following:
# restorecon -R /var/lib/boinc Maximum excludes 1000 exceeded. [repeats hundreds of times]
This message pops up even when I'm not relabeling a part of the filesystem that's unmounted. If I reduce the number of automounted home directories, then the message goes away.
I get similar messages when loading and unloading custom selinux policy modules.
Will this actually prevent restorecon from relabeling files?
No, it just won't skip those directories during the file tree walk, so it will be less efficient.
Is there a dynamic way to increase this limit to make the messages go away?
Not in policycoreutils-2.5. In 2.6 and later, the limit was removed.
selinux@lists.fedoraproject.org