F11 Relabel problem
Daniel J Walsh
dwalsh at redhat.com
Fri Aug 14 15:00:05 UTC 2009
On 08/14/2009 10:49 AM, Arthur Dent wrote:
> On Fri, 2009-08-14 at 10:37 -0400, Daniel J Walsh wrote:
>> On 08/14/2009 04:10 AM, Arthur Dent wrote:
>
>> The problem is a lot of the scripts were renamed from
>>
>>
>> DAEMON_script_exec_t to DAEMON_initrc_exec_t
>>
>> So I think restore is complaining because the previous label has gone away.
>>
>> If you ls -lZ /etc/init.d/
>>
>> Look for unlabeled_t or script_exec_t, if you have those you might have a problem.
>>
>> If they all look like *initrc_exec_t or just initrc_exec_t then you are probably ok.
>>
>
> This could be my problem:
>
> ls -lZ /etc/init.d/
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 acpid
> -rwxr-xr-x. root root system_u:object_r:crond_initrc_exec_t:s0 atd
> -rwxr-xr-x. root root system_u:object_r:auditd_initrc_exec_t:s0 auditd
> -rwxr-xr-x. root root system_u:object_r:avahi_initrc_exec_t:s0
> avahi-daemon
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 backuppc
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 btseed
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 bttrack
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 clamd
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 cpuspeed
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 crond
> -rwxr-xr-x. root root system_u:object_r:cupsd_initrc_exec_t:s0 cups
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0
> cups-config-daemon
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 dc_client
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 dc_server
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 ddclient
> -rwxr-xr-x. root root system_u:object_r:dnsmasq_initrc_exec_t:s0 dnsmasq
> -rwxr-xr-x. root root system_u:object_r:dovecot_initrc_exec_t:s0 dovecot
> -rwxr-xr-x. root root system_u:object_r:fail2ban_initrc_exec_t:s0
> fail2ban
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 firstboot
> -rw-r--r--. root root system_u:object_r:bin_t:s0 functions
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 gpm
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 haldaemon
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 halt
> -rwxr-xr-x. root root system_u:object_r:httpd_initrc_exec_t:s0 httpd
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 ip6tables
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 iptables
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 killall
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 lm_sensors
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 mdmonitor
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 messagebus
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 multipathd
> -rwxr-xr-x. root root system_u:object_r:mysqld_initrc_exec_t:s0 mysqld
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 netconsole
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 netfs
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 netplugd
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 network
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 NetworkManager
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 nfs
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 nfslock
> -rwxr-xr-x. root root system_u:object_r:samba_initrc_exec_t:s0 nmb
> -rwxr-xr-x. root root system_u:object_r:nscd_initrc_exec_t:s0 nscd
> -rwxr-xr-x. root root system_u:object_r:ntpd_initrc_exec_t:s0 ntpd
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 ntpdate
> -rwxr-xr-x. root root system_u:object_r:openvpn_initrc_exec_t:s0 openvpn
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 pcscd
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 portreserve
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 psacct
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 racoon
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 rdisc
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 restorecond
> -rwxr-xr-x. root root system_u:object_r:rpcbind_initrc_exec_t:s0 rpcbind
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 rpcgssd
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 rpcidmapd
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 rpcsvcgssd
> -rwxr-xr-x. root root system_u:object_r:syslogd_initrc_exec_t:s0 rsyslog
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 saslauthd
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 sendmail
> -rwxr-xr-x. root root system_u:object_r:shorewall_initrc_exec_t:s0
> shorewall
> -rwxr-xr-x. root root system_u:object_r:fsdaemon_initrc_exec_t:s0 smartd
> -rwxr-xr-x. root root system_u:object_r:samba_initrc_exec_t:s0 smb
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 smolt
> -rwxr-xr-x. root root system_u:object_r:snmpd_initrc_exec_t:s0 snmpd
> -rwxr-xr-x. root root system_u:object_r:snmpd_initrc_exec_t:s0 snmptrapd
> -rwxr-xr-x. root root system_u:object_r:spamd_initrc_exec_t:s0
> spamassassin
> -rwxr-xr-x. root root system_u:object_r:squid_initrc_exec_t:s0 squid
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 squidGuard
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 sshd
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0
> transparent-proxying
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 udev-post
> -rwxr-xr-x. root root system_u:object_r:samba_initrc_exec_t:s0 winbind
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 wpa_supplicant
> -rwxr-xr-x. root root system_u:object_r:ypbind_initrc_exec_t:s0 ypbind
>
>
> Looks OK ... But
>
> ls -lZ /mnt/F9/etc/init.d/
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 acpid
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 anacron
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 atd
> -rwxr-xr-x. root root system_u:object_r:auditd_script_exec_t:s0 auditd
> -rwxr-xr-x. root root system_u:object_r:avahi_initrc_exec_t:s0
> avahi-daemon
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 backuppc
> -rwxr-xr-x. root root system_u:object_r:bluetooth_script_exec_t:s0
> bluetooth
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 btseed
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 bttrack
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 clamd
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 cpuspeed
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 crond
> -rwxr-xr-x. root root system_u:object_r:cupsd_initrc_exec_t:s0 cups
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0
> cups-config-daemon
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 dc_client
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 dc_server
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 ddclient
> -rwxr-xr-x. root root system_u:object_r:dnsmasq_script_exec_t:s0 dnsmasq
> -rwxr-xr-x. root root system_u:object_r:dovecot_script_exec_t:s0 dovecot
> -rwxr-xr-x. root root system_u:object_r:bluetooth_script_exec_t:s0 dund
> -rwxr-xr-x. root root system_u:object_r:fail2ban_script_exec_t:s0
> fail2ban
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 firestarter
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 firstboot
> -rwxr-xr-x. root root system_u:object_r:bin_t:s0 functions
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 gpm
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 haldaemon
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 halt
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 hsqldb
> -rwxr-xr-x. root root system_u:object_r:httpd_script_exec_t:s0 httpd
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 ip6tables
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 iptables
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 irda
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 irqbalance
> -rwxr-xr-x. root root system_u:object_r:kerneloops_script_exec_t:s0
> kerneloops
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 killall
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 lm_sensors
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 mdmonitor
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 messagebus
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 microcode_ctl
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 multipathd
> -rwxr-xr-x. root root system_u:object_r:mysqld_script_exec_t:s0 mysqld
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 netconsole
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 netfs
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 netplugd
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 network
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 NetworkManager
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 nfs
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 nfslock
> -rwxr-xr-x. root root system_u:object_r:samba_script_exec_t:s0 nmb
> -rwxr-xr-x. root root system_u:object_r:nscd_script_exec_t:s0 nscd
> -rwxr-xr-x. root root system_u:object_r:ntpd_script_exec_t:s0 ntpd
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 ntpdate
> -rwxr-xr-x. root root system_u:object_r:openvpn_script_exec_t:s0 openvpn
> -rwxr-xr-x. root root system_u:object_r:bluetooth_script_exec_t:s0 pand
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 pcscd
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 psacct
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 racoon
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 rdisc
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 restorecond
> -rwxr-xr-x. root root system_u:object_r:rpcbind_script_exec_t:s0 rpcbind
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 rpcgssd
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 rpcidmapd
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 rpcsvcgssd
> -rwxr-xr-x. root root system_u:object_r:syslogd_script_exec_t:s0 rsyslog
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 saslauthd
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 sendmail
> -rwxr-xr-x. root root system_u:object_r:setroubleshoot_script_exec_t:s0
> setroubleshoot
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 shorewall
> -rwxr-xr-x. root root system_u:object_r:fsdaemon_script_exec_t:s0 smartd
> -rwxr-xr-x. root root system_u:object_r:samba_script_exec_t:s0 smb
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 smolt
> -rwxr-xr-x. root root system_u:object_r:snmp_script_exec_t:s0 snmpd
> -rwxr-xr-x. root root system_u:object_r:snmp_script_exec_t:s0 snmptrapd
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 spamassassin
> -rwxr-xr-x. root root system_u:object_r:squid_script_exec_t:s0 squid
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 squidGuard
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 sshd
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0
> transparent-proxying
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 udev-post
> -rwxr-xr-x. root root system_u:object_r:samba_script_exec_t:s0 winbind
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 wpa_supplicant
> -rwxr-xr-x. root root system_u:object_r:initrc_exec_t:s0 ypbind
>
>
> This is the old F9 partition. Should I try to fix them somehow or just
> umount the F9 partition and only mount it when I need to peek inside?
>
Well it is up to you. One option would be to use a mount context when you mount the partion, which would override and ignore the F9 labels. Either way I don't think it will cause you much problems.
> Thanks!
>
> Mark
>
>
>
> ------------------------------------------------------------------------
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
More information about the fedora-selinux-list
mailing list