Daniel J Walsh dwalsh at redhat.com
Wed May 18 12:20:53 UTC 2005

Tom London wrote:

>Running strict/enforcing, latest rawhide.
>I changed an existing user to a 'sysadm' user by adding to
>local.users, rebuilt/installed new policy, and did a 'restorecon -v
>-R' of home directory, /etc, /tmp, ....
>On reboot, logging shows that the preexisting /tmp/gconfd-XXX 
>remained labeled as 'user_u:....'.
>Removing  it (and several 'aumix*' files that were similarly labeled),
>and rebooting 'fixed' this.
>Is this the best, or does it make sense to considering adding 'per
>user' rules for such files?
Currently autorelabel removes all files from /tmp/ for this reason.
Ivan is working on some fixes for this, and per user /tmp might help also.



