/tmp/gconfd-* : wrong type after 'augmenting' user
Ivan Gyurdiev
ivg2 at cornell.edu
Sun May 15 19:47:46 UTC 2005
On Sun, 2005-05-15 at 11:49 -0700, Tom London wrote:
> Running strict/enforcing, latest rawhide.
>
> I changed an existing user to a 'sysadm' user by adding to
> local.users, rebuilt/installed new policy, and did a 'restorecon -v
> -R' of home directory, /etc, /tmp, ....
>
> On reboot, logging shows that the preexisting /tmp/gconfd-XXX
> remained labeled as 'user_u:....'.
>
> Removing it (and several 'aumix*' files that were similarly labeled),
> and rebooting 'fixed' this.
>
> Is this the best, or does it make sense to considering adding 'per
> user' rules for such files?
I have patches that addresses exactly this, and they are pending
being merged post FC4. The patches create a new USER expansion,
and begin using it to label the orbit and gconf folder.
--
Ivan Gyurdiev <ivg2 at cornell.edu>
Cornell University
More information about the fedora-selinux-list
mailing list