<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=Content-Type content="text/html; charset=iso-8859-1"> <META content="MSHTML 6.00.6000.16544" name=GENERATOR> <STYLE></STYLE> </HEAD> <BODY bgColor=#f4f0e8> <DIV>----------- a challenge for selinux------------ Hi fellow selinux uses ... How can you fix labeling when the selinux tools don't allow you to. Selinux commands complain & refuse to work. Tradition selinux commands don't work. IE chcon, restorecon , fixfiles, setfiles etc..I Need an *expert* here, .......... PROBLEM is : my /boot directory has : :boot_t: and :home_root_t: .......... together labled --- see below. and I can't fix it. do we have to edit the "inode" directly?? Having two types on one file I believe should *never* happen but -- it has. Should be one ":boot_t:" or the other ":home_root_t:" but never *both*! I think I know how it happened -- but that's not the issue right now -- how do you fix it?? The security of selinux normaly is designed to prevent adhoc changes --- so this is why it is difficult... but with root password their would be a solution somehow. Thx Roger Salisbury Below is the setfiles display: /etc/selinux/targeted/contexts/files/file_contexts: Multiple same specifications for /boot/lost\+found/.*. /etc/selinux/targeted/contexts/files/file_contexts: Multiple different specifications for /boot (system_u:object_r:home_root_t:s0 and system_u:object_r:boot_t:s0). /etc/selinux/targeted/contexts/files/file_contexts: Multiple same specifications for /boot/\.journal. /etc/selinux/targeted/contexts/files/file_contexts: Multiple same specifications for /boot/lost\+found. setfiles: labeling files under /boot setfiles: labeling files under /boot matchpathcon_filespec_eval: hash table stats: 28 elements, 28/65536 buckets used, longest chain length 1 setfiles: Done. </DIV></BODY></HTML>