Easy way to remove SELinux permissions?
Stephen Smalley
sds at tycho.nsa.gov
Thu Sep 10 12:57:44 UTC 2009
On Thu, 2009-09-10 at 07:58 +0200, Sean Carlos wrote:
> At one point I performed a new Fedora install and restored my personal
> files before disabling SELinux which I don't need.
>
> As a result many files have permissions which include a dot at the end,
> e.g.:
>
> -rw-rw-r--.
>
> This causes havoc with many applications, i.e. gedit complains it cannot
> make a back-up file.
>
> Q: How can I EASILY remove all SELinux attributes, e.g. perhaps with a
> single command?
If SELinux is disabled, then you should be able to do this:
find / -exec setfattr -x security.selinux {} \;
You might want to further qualify the find statement to avoid noise on
filesystems that don't support security contexts, e.g.
find / \( -fstype ext2 -o -fstype ext3 -o -fstype ext4 -o -fstype btrfs \) -exec setfattr -x security.selinux {} \;
--
Stephen Smalley
National Security Agency
More information about the users
mailing list