High weirdness and questionable utility of restorecond
Jonathan Abbey
jonabbey at arlut.utexas.edu
Fri Sep 5 19:09:37 UTC 2014
On Fri, 05 Sep 2014 14:05:57 -0500, Jonathan Abbey wrote:
|
| Given that this is happening with max_watches set far too low to
| handle recursive directory watches under /home, I'm going to assume
| that the restorecond code at selinuxproject actually does closely
| reflect what RHEL 6 is shipping, and recursion just isn't supported
| with restorecond.
And after re-reading the comment on restored.conf at
http://selinuxproject.org/page/GlobalConfigurationFiles
I see that I misinterpreted the meaning of "~/*". It says that it
"expands to listen for all files created for all logged-in users
within their home directories". I took that to be recursively within
their home directories, but apparently not.
Jon
--
-------------------------------------------------------------------------------
Jonathan Abbey jonabbey at arlut.utexas.edu
Applied Research Laboratories The University of Texas at Austin
GPG Key: 71767586 at keyserver pgp.mit.edu, http://www.ganymeta.org/workkey.gpg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 181 bytes
Desc: not available
URL: <http://lists.fedoraproject.org/pipermail/selinux/attachments/20140905/fc22dbec/attachment.sig>
More information about the selinux
mailing list