How best get rid of SELinux?
Bruno Wolff III
bruno at wolff.to
Fri Sep 21 17:03:57 UTC 2007
On Fri, Sep 21, 2007 at 02:09:18 -0500,
Arthur Pemberton <pemboa at gmail.com> wrote:
> On 9/21/07, Bruno Wolff III <bruno at wolff.to> wrote:
> > Notably if you disable SELinux, files will no longer be properly labelled when
> > they are created. So that if you later try to turn it back on, you will need
> > to do a complete relabel.
>
> Even then, doesn't restorecond automatically pickup the mislabeling eventually?
No. restorecond only handles a couple of special files. Typically it is
used for stuff in a directory which contains files with multiple domains
(different files have different domains not more than one per file) that
might be edited and pick up the wrong domain.
On my system the files checked (as found in /etc/restorecond.conf) are:
/etc/resolv.conf
/etc/samba/secrets.tdb
/etc/mtab
/var/run/utmp
/var/log/wtmp
~/public_html
~/.mozilla/plugins/libflashplayer.so
More information about the users
mailing list