We are working on the Fedora SELinux FAQ

John Reiser jreiser at bitwagon.com
Sat Jan 23 17:46:36 UTC 2010


> http://sradvan.fedorapeople.org/SELinux_FAQ/#id2654720

Q: What is the patent status of SELinux?  List all the patents and
    patent applications that are "owned by SELinux."  List those that
    were consciously avoided or worked-around.  Give the citations
    which constitute prior art to protect the un-patented aspects.

Q: Is 'tar' the only Fedora-packaged file manipulator that is SELinux
    aware?  All of the following apps ignore file contexts, and thus
    do not "interoperate" with SELinux (do not preserve context labels):
       cp
       cp -a
       cpio
       rsync  # even with local pathnames only
       zip/unzip, gzip, bzip2, 7zip, lzma, xz
       sccs, rcs, cvs, svn, mercurial (hg), git, perforce
       any user-level network protocol: file://, ftp://, http://
          (therefore: rsync, curl, wget, ftp, sftp, scp, ...)

Q: Do file context labels and policy access rules form a "stationary
    process", such that the only things that matter are the most-recent
    label and the current policy; any previous history has no effect?
    Therefore omitting intermediate policy updates, reverting and
    applying different intermediate policy, applying restorecontext
    or re-labelling at any time, etc., do not matter?  In particular,
    re-labelling is idempotent: if done two times in succession
    then the second time changes nothing?  Also, if two different
    machines have the same SELinux policy installed [rpm -q], no
    [current] local changes to policy, and have just done a relabel,
    then is the on-disk representation bit-for-bit identical?

Q: I have a hard drive partition with a mounted and read-only
    4.5GB ext2/ext3/ext4 filesystem with non-default file context labels.
    I want to clone this filesystem onto a DVD-ROM, mount the replicated
    DVD-ROM on multiple other systems, and get the same behavior
    on the replicated systems as on the original system.  How?

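Added example (not part of the original post): SELinux stores a file's context in the security.selinux extended attribute, so the label-preservation and relabel-idempotence questions above can be checked empirically by snapshotting labels for a tree and diffing two snapshots. The function names are hypothetical, and the labels used in any trial run are whatever the trees under test carry.

```python
import errno
import os

XATTR = "security.selinux"  # xattr in which SELinux stores a file's context


def selinux_label(path):
    """Return the SELinux context of path as a string, or None if unlabeled."""
    getxattr = getattr(os, "getxattr", None)  # only present on Linux
    if getxattr is None:
        return None
    try:
        raw = getxattr(path, XATTR, follow_symlinks=False)
    except OSError as exc:
        # No label on this file, or the filesystem has no xattr support.
        if exc.errno in (errno.ENODATA, errno.ENOTSUP, errno.EOPNOTSUPP):
            return None
        raise
    return raw.rstrip(b"\0").decode("utf-8", "replace")


def label_manifest(root, read_label=selinux_label):
    """Map every path under root (relative to root) to its label."""
    manifest = {}
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            full = os.path.join(dirpath, name)
            manifest[os.path.relpath(full, root)] = read_label(full)
    return manifest


def diff_manifests(before, after):
    """Return sorted (path, before_label, after_label) for each mismatch."""
    changes = []
    for path in sorted(set(before) | set(after)):
        old = before.get(path, "<missing>")
        new = after.get(path, "<missing>")
        if old != new:
            changes.append((path, old, new))
    return changes


def compare_trees(src, dst, read_label=selinux_label):
    """Diff labels of a source tree against a copy made by the tool under test."""
    return diff_manifests(label_manifest(src, read_label),
                          label_manifest(dst, read_label))
```

For the idempotence question, take label_manifest() of the same tree before and after the second relabel and pass both to diff_manifests(); an empty list means the second pass changed no labels.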