selinux file attributes
Gene Czarcinski
gene at czarc.net
Fri Mar 26 22:28:51 UTC 2004
OK, I just did a fresh everything install with today's development snapshot
and it is looking good. I let things default to enforcing and was able to
login.
However ... I then added a couple of other userids. Before doing that with
system-config-users, I edited to /etc/security/selinux/src/users file to
define one of these as an "admin" user.
Oops, I cannot login because it cannot find the home directory (because it has
incompatible attributes). OK, so I login as root (role=sysadm_r) and run
"fixfiles relabel". Then I logout but now gdm cannot come up! OK, go to a
VT and login as root ... run "make reload" and "make relabel" and then
reboot.
While s-c-u should handle the application of proper attributes (it needs to be
selinux aware and supporting), I should not need to keep running relabel.
One of the other things I noticed is that after installation the partitions
lost-found directory did not have any attributes ... after running relabel it
did. Shouldn't this be handled by the installer? I wonder what happens if
you format a new partition?
Gene
More information about the fedora-selinux-list
mailing list