Fedora Core 4

Colin Walters walters at redhat.com
Wed Jan 19 20:26:01 UTC 2005


On Wed, 2005-01-19 at 20:14 +0000, Mike Hearn wrote:

> If we install some shared libs to say /opt/foobar/lib (or into $HOME)
> and
> then label the lib directory as system_u:object_r:lib_t and the DSOs
> inside as system_u:object_r:shlib_t is there some risk that the
> contexts
> would be deleted?

If a user runs 'fixfiles relabel' or does the
"touch /.autorelabel;reboot", this will reset all unknown contexts to
default_t.  Right now it is not uncommon to tell users to do this on
labeling problems.  We've been talking about some solutions to this,
essentially performing a more targeted relabeling automatically.  But it
needs careful thought, and the available RPM mechanisms don't make it
easy.

> Is there anything I can do to work with you guys on this?

I'd suggest redirecting this discussion to fedora-selinux-list.





More information about the fedora-devel-list mailing list