problems with tmpfs and relabeling

Stephen Smalley sds at
Fri Apr 21 16:50:09 UTC 2006

On Fri, 2006-04-21 at 12:37 -0400, Bill Nottingham wrote:
> Yes. Consider pid files in /var/run, lock files in /var/lock, etc.
> > Do you expect them to follow the traditional
> > inherit-from-parent-directory behavior you get from ext3?  
> Yes.

Yes, and that's ok.  I think we just need to adjust policy to allow
restorecon to fix the label on the root directory, and (on the separate
issue of policy), we need a rw mount on /etc/selinux separate from the
rest of root so that we can perform policy module operations.

Stephen Smalley
National Security Agency

More information about the fedora-selinux-list mailing list