[OT] tmpfs - was : AVC every server boot: SELinux is preventing the setxkbmap from using potentially mislabeled files (./.X11-unix).

Arthur Dent misc.lists at blueyonder.co.uk
Fri Aug 14 12:50:47 UTC 2009

On Fri, 2009-08-14 at 08:25 -0400, Daniel J Walsh wrote:
> On 08/14/2009 12:19 AM, Richard Chapman wrote:
> > Daniel J Walsh wrote:
> >> On 08/12/2009 07:53 PM, Richard Chapman wrote:


> >>
> >> I always use tmpfs for /tmp, so I never end up with garbage on a reboot.
> >>
> >>   
> > I like your idea of using tmpfs - but is it ever a problem that tmpfs is
> > relatively small and finite? Also - please excuse my ignorance - but how
> > do I make tmpfs the tmp folder?
> > 
> > Richard.
> > 
> > 
> Must have changed between RHEL5 and F11
> Try 
> chcon -R -t xdm_xserver_tmp_t /tmp/.X11-unix
> Add this line to /etc/fstab
> tmpfs                   /tmp	                tmpfs   rootcontext="system_u:object_r:tmp_t:s0",defaults        0 0
> And reboot.
> I don't tend to store huge abouts of stuff in /tmp.  If I want to store big stuff I can always use /var/tmp

Forgive the off-topic response, but I too like the idea of a
self-washing /tmp. However I am concerned that I don't really understand
how it works. What, for example, would be the effect of doing this on
server which has only limited RAM and is only rebooted periodically.
Would all the RAM get filled up over time by tmpfs and then everything
would have to run in swap?

Would I need to reboot regularly just to clean tmpfs?

I do like the idea and have just implemented it on my desktop machine
which has more RAM and gets shut down every day...



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20090814/82217cb4/attachment.sig>

More information about the fedora-selinux-list mailing list