rsync as backup from f11 to F10 - issues
mike cloaked
mike.cloaked at gmail.com
Wed Aug 12 21:07:31 UTC 2009
On Wed, Aug 12, 2009 at 9:36 PM, Daniel J Walsh<dwalsh at redhat.com> wrote:
> On 08/11/2009 05:30 PM, Mike Cloaked wrote:
>>
>>
>>
>> Mike Cloaked wrote:
>>>
>>>
>>> Machines on the LAN have been running backups across the network using an
>>> rsync command within a script which essentially does:
>>> rsync --delete -aXH --exclude blah /opt
>>> home1:/media/usbdrive/BACKUPS/myhostname
>>> and similar for other directories.
>>>
>>> This has worked fine until I installed F11 on some of the machines in the
>>> LAN, with ext4 filesystems on them.
>>>
>>> Trying the same thing in this case gave AVC denials on the machine
>>> (running F10) to which the the external usb drive was attached (and with
>>> an ext3 filesystem to take the backups)
>>>
>>> The AVC contained:
>>> Summary
>>> SELinux is preventing rsync (unconfined_t) "mac_admin" unconfined_t.
>>>
>>>
>>
>> I wonder if this is related to
>> https://bugzilla.redhat.com/show_bug.cgi?id=510649
> Yes you are trying to put F11 labels on an F10 box. Just setup rsync to not maintain labels.
>
You mean use flags -aH and not -AXH ? I suppose that not putting
labels onto the backup will then mean that restoring (if it became
necessary) from the backup stored on the F10 box would then generate
labels on the F11 box being restored that are correct according to
current policy for F11 if I use rsync -aH during the restore process.
Presumably labels of some kind will be generated on the backup drive
on the F10 machine but would not be related to the labels on the
originals.
Is this how others do backups?
How would this differ if rdiff-backup was used instead? Since
rdiff-backup is rsync based presumably the same thinking applies?
--
mike
More information about the fedora-selinux-list
mailing list