Problem with restorecon
Bruno Wolff III
bruno at wolff.to
Mon Dec 1 23:03:03 UTC 2008
On Mon, Dec 01, 2008 at 23:47:04 +0100,
Konrad Azzopardi <konrad.azzopardi at gmail.com> wrote:
>
> I cannot get rid of initrc_exec_t. Although my script is still
> confined correctly, I would like to label this file normally, is there
> a reason why restorecon fails ?
My guess would be that the last matching rule for /etc/init.d/yule is not
the one you have shown.
As far as I can tell the management of rules for restorecon is not complete
as there isn't any easy way to order the rules.
For add on rules you can delete existing ones and re-add them to put them
at the end of the list. That is a pain.
I don't think a list of re's matching complete paths that is order dependent
is the best way to solve this problem. I think it would be better to have
something that matched the tree structure of the file system.
More information about the fedora-selinux-list
mailing list