livecd-creator + selinux
Stephen Smalley
sds at tycho.nsa.gov
Thu May 15 20:47:18 UTC 2008
On Thu, 2008-05-15 at 16:33 -0400, Eric Paris wrote:
> #4 At the end of the rpm transaction when everything is installed it
> calls restorecon and I get one for (I assume) every file almost all of
> which look like:
>
> /sbin/restorecon reset /srv context system_u:object_r:var_t:s0->system_u:object_r:var_t:s0
>
> Notice nothing changed? Again I assume its my hack of a /selinux which
> causes it and I'll try to run down why, but maybe someone else sees that
> quickly.
That suggests it is being called with the -f (force) flag from
e.g. /sbin/fixfiles. selinux-policy.spec does a
fixfiles -C file_contexts.pre restore
fixfiles -C does a diff between the old and new file contexts
configurations and applies restorecon to the result. There is some
serious magic in there, and it is all Dan's fault ;)
--
Stephen Smalley
National Security Agency
More information about the fedora-selinux-list
mailing list