SELinux - a question about external drive after upgrade
Daniel J Walsh
dwalsh at redhat.com
Fri Oct 3 13:10:05 UTC 2008
Mike wrote:
> I have a question related to something I had not thought about before...
>
> I have an external USB drive that has been used for quite some time as a
> backup drive attached to a machine that has SELinux disabled. Other machines
> in the LAN are backed up to the same external drive using rsync to the machine
> on which the external drive is attached. So there are no security contexts
> for files on the backup drive.
>
> Some of the other local machines are now upgraded to F9 running SElinux enabled,
> but of course the backups produce files on the external drive without any
> SELinux context information, since the machine that writes then has SELinux
> disabled!
>
> So the question arises - if the main machine is then upgraded to F9 with
> SELinux enabled - what will happen to backup files when the original external
> drive is plugged in and used?
>
> Will the filesystem on the external drive need to be relabelled once the machine
> on which it is attached has been upgraded? If so what is the cleanest and safest
> way to get the whole system using SELinux?
>
>
>
You can easily lay context down by running restorecon on the USB drive
at the mountpoint. Or just set it up to mount the disk with a countext.
Something like system_u:object_r:removable_t:s0.
More information about the fedora-list
mailing list