restorecon vs. setfiles
Daniel J Walsh
dwalsh at redhat.com
Wed May 19 03:07:54 UTC 2004
Aleksey Nogin wrote:
> On 18.05.2004 19:22, Gary Peck wrote:
>
>> For some reason restorecon and setfiles have different notions of what
>> context certain files should be. For example:
>
> [...]
>
>> So, restorecon thinks that *.so files should be shlib_t, whereas
>> setfiles thinks they should be lib_t. Which one is right and why do they
>> disagree? I thought that they both get their context info from the same
>> place.
>
>
> It seems the two disagree on symlinks. May be restorecon forgets to
> check whether its argument is a symlink?
>
Looks like a bug in matchpathcon (Which is used buy restorecon). It is
returning the wrong security context. I will send this to stephen.
Basically looks like it is ignoring file type.
Dan
More information about the fedora-selinux-list
mailing list