./autorelabel
Daniel J Walsh
dwalsh at redhat.com
Thu Jul 19 15:12:14 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 07/19/2012 11:03 AM, m.roth at 5-cent.us wrote:
> Folks,
>
> I updated a CentOS system yesterday from 6.2 to 6.3. I saw it update
> selinux-policy-targeted (I think it was) and several hours later, it still
> hadn't gotten to the next package; looking, it appeared to be running a
> restorecon. I killed it, and redid the update.
>
> For other reasons, it didn't reboot. I brought it up under the most recent
> previous kernel, it did an fsck on a 2T drive... then it's been running
> autorelabel for at least an hour and a half, and I have no idea how much
> longer it will be. It's longer than fsck.
>
> This is a backup server, which uses hardlinks to save space.
>
> You may not consider this a bug, but it certainly makes selinux close to
> unusable in anything resembling a working environment.
>
> mark
>
> -- selinux mailing list selinux at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
>
If you have a volume with a huge number of files on it, you could mount it
with a context option and this will prevent restorecon from entering the
volume for relabel. Otherwise an autorelabel will attempt to read the context
on ever file on the computer and "fix" it.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAlAII84ACgkQrlYvE4MpobOEBwCgpA3w0LklhmV8I/j1kf4iyGaJ
Y5YAoIfsd6wKQie+Pj1Rk0pmELwPxii1
=S+dg
-----END PGP SIGNATURE-----
More information about the selinux
mailing list