"Invalid File Contexts"
Patrick J. LoPresti
lopresti at gmail.com
Fri Nov 12 19:18:03 UTC 2004
I am starting to roll out Fedora Core 3 on my systems. Every one I
install sends Email to root with the Subject "Invalid File Contexts"
and a body listing a bunch of files.
I see that these messages are generated by
/etc/cron.weekly/fixfiles.cron. (Which is an odd name, since the
script runs in "check" mode and does not actually fix anything.) I
understand that these "contexts" are the tags used by SELinux to
regulate access. What I do not know is how I am supposed to respond
to these messages.
I mean, I know I can run "fixfiles restore" by hand to fix up the
contexts. But this is a pain on a network with hundreds of machines,
and I do not know when exactly I should run this if I want to automate
it.
How did the contexts become invalid in the first place? The file list includes:
/etc/sysconfig/firstboot
/etc/sysconfig/hwconf
/lib/modules/2.6.9-1.667/modules.symbols
/var/run/utmp
And around 60 other files. Why are the security contexts not being
set automatically? Should I report this as a bug?
- Pat
More information about the fedora-list
mailing list