relabel after policy update
Vadym Chepkov
vchepkov at gmail.com
Tue Jul 31 11:34:27 UTC 2012
Hi,
Once n a while I find mislabeled files on the file system. Since I never touched them, I assume it is due to the policy change.
What is the best practice, shall I relabel the system every time selinux-policy-targeted is updated?
For example:
# restorecon -vR /usr/
restorecon reset /usr/libexec/sesh context system_u:object_r:bin_t:s0->system_u:object_r:shell_exec_t:s0
# restorecon -vR /var
restorecon reset /var/lib/rsyslog context system_u:object_r:var_lib_t:s0->system_u:object_r:syslogd_var_lib_t:s0
Regards,
Vadym
More information about the selinux
mailing list