differences between setfiles and restorecon? repeat of old thread?
selinux at gmail.com
Mon Aug 29 13:57:01 UTC 2005
On 8/29/05, Stephen Smalley <sds at tycho.nsa.gov> wrote:
> On Sat, 2005-08-27 at 12:58 -0700, Tom London wrote:
> > 'setfiles -v /etc/selinux/targeted/contexts/files/file_contexts /' did
> > the right thing.
> > [Its almost as if restorecon is using the 'real' full pathname (with
> > leading /mnt), and setfiles is using the 'chroot'ed' pathname (without
> > the leading /mnt).]
> BTW, I'm not sure what you mean by the above. setfiles does accept a -r
> option to specify an alternate root path, so you can apply it to a
> chroot setup without running it chroot'd itself. But without that
> option, I wouldn't have expected it to touch /mnt at all, especially as
> file_contexts marks it <<none>>.
First, thanks for the explanation.
My comment regarding 'real' vs. 'chroot-ed' pathnames was just my feeble
poke at explaning what was going on. I had noticed the entry for /mnt in
file_contexts, and concluded that 1+1=3. ;)
Regarding setfiles, thanks for the info regarding '-r' option. Its not in
the man page nor in 'setfiles --help', so I did the 'chroot' balancing act.
'setfiles -r' produces 'usage: setfiles -r rootpath' though.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the fedora-selinux-list