errors with labels after running for a while
Russell Coker
russell at coker.com.au
Thu Mar 11 13:16:06 UTC 2004
On Thu, 11 Mar 2004 06:18, Bill Nottingham <notting at redhat.com> wrote:
> /usr/sbin/setfiles: relabeling /etc/modules.conf from
> system_u:object_r:etc_t to system_u:object_r:modules_conf_t
This is a problem. Do you know what might have created that file?
> /usr/sbin/setfiles: relabeling /etc/auto.master from root:object_r:etc_t
> to system_u:object_r:etc_t /usr/sbin/setfiles: relabeling
When you re-create a file the identity will match the identity of the creating
process. Presumably you edited the file as root:sysadm_r:sysadm_t. When you
relabel /etc after running for some time you see all the files you modified
as root.
> /etc/ptal/ptal-printd-like from system_u:object_r:etc_runtime_t to
> system_u:object_r:etc_t /usr/sbin/setfiles: relabeling
How is this file created? Maybe we should put in a file_contexts entry for
it? What package(s) use it?
> /etc/hotplug/usb.usermap from system_u:object_r:etc_t to
> system_u:object_r:hotplug_etc_t
I guess that some script created that file.
/etc/hotplug(/.*)? system_u:object_r:hotplug_etc_t
I'll change the hotplug.fc file to have the above and the directory will be
labelled as hotplug_etc_t to solve this.
> /usr/sbin/setfiles: relabeling /etc/.pwd.lock from
> system_u:object_r:shadow_t to system_u:object_r:etc_t
/etc/\.pwd\.lock -- system_u:object_r:shadow_t
I'll add the above to types.fc.
> /usr/sbin/setfiles: relabeling /etc/rndc.key from system_u:object_r:etc_t
> to system_u:object_r:rndc_conf_t make: *** [checklabels] Error 1
This is a serious problem. How was the rndc.key file created?
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
More information about the fedora-selinux-list
mailing list