dump/restore EA errors
Daniel J Walsh
dwalsh at redhat.com
Wed Jul 8 10:23:01 UTC 2009
On 07/07/2009 05:38 PM, Brian Krusic wrote:
> On Jul 7, 2009, at 2:32 PM, Daniel J Walsh wrote:
>
>> On 07/07/2009 04:10 PM, Brian Krusic wrote:
>>> Hi,
>>>
>>> Not sure if even this is were I should post so forgive the mis-posting.
>>> I did a search for selinux help and this is were I got.
>>>
>>> I'm running RHEL 5 and am having SE linux issues even though I have SE
>>> Linux disabled.
>>>
>>> I have basic support and they really are of no help on this matter.
>>>
>>> My scenario;
>>>
>>> RHEL 5 NFS server (although it can be a Centos NFS server or even a
>>> BlueArc).
>>> Centos 5 NFS client.
>>> Dump/Restore.
>>>
>>> From my NFS client I do;
>>>
>>> dump -f - / | restore -r -r -
>>>
>>> I can get screen loads of stuff like;
>>>
>>> restore: ./etc/ysyconfig/network-scripts/ifcfg-eth0: EA set
>>> security.selinux:system_u:object_r:etc_t:s0 failed: Operation not
>>> supported.
>>>
>>> This happens on various files in various folders.
>>>
>>> The dump/restore does complete and the files do get restored.
>>>
>>> lsattr shows nothing set on the source files and when doing it on the
>>> NFS share, I get;
>>>
>>> lsattr: Inappropriate ioctl for device While reading flags on .... (this
>>> is various dirs).
>>>
>>> Any clues are appreciated.
>>>
>>> Thanks in advance,
>>> - Brian
>>>
>>> --
>>> fedora-selinux-list mailing list
>>> fedora-selinux-list at redhat.com
>>> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>> Looks like restore is trying to maintain the xattrs of a previous
>> selinux label, when the kernel sees the xattr it refuses to assign it
>> on an NFS share since NFS does not support xattrs.
>>
>>
>
> Hi Daniel,
>
> A few things;
>
> 1 - When doing an lsxattr, I don't see any thing other then ------------
> which tells me that no extended attributes exist for that file.
>
> 2 - How do I remove any selinux lables since I don't use or need selinux?
>
I am not sure there is a good way to remove them, or if it is worth it.
Try
> getfattr -n security.selinux /etc
To see if you have labeled.
I guess you could try
> setfattr -x security.selinux /etc
To remove.
More information about the fedora-selinux-list
mailing list