restorecon resets files
Daniel J Walsh
dwalsh at redhat.com
Mon Oct 6 20:05:02 UTC 2008
LC Bruzenak wrote:
> # ls -Z /var/run/auditd.pid /var/run/audispd_events
> srw-r----- root root system_u:object_r:audisp_var_run_t:SystemHigh /var/run/audispd_events
> -rw-r--r-- root root system_u:object_r:auditd_var_run_t:SystemHigh /var/run/auditd.pid
>
> # restorecon -rv /var/run/
> restorecon reset /var/run/audispd_events context system_u:object_r:audisp_var_run_t:s15:c0.c1023->system_u:object_r:audisp_var_run_t:s0
> restorecon reset /var/run/auditd.pid context system_u:object_r:auditd_var_run_t:s15:c0.c1023->system_u:object_r:auditd_var_run_t:s0
>
> [root at hugo ~]# ls -Z /var/run/auditd.pid /var/run/audispd_events
> srw-r----- root root system_u:object_r:audisp_var_run_t:SystemLow /var/run/audispd_events
> -rw-r--r-- root root system_u:object_r:auditd_var_run_t:SystemLow /var/run/auditd.pid
>
> I assume that both these files should be kept at SystemHigh?
>
> selinux-policy-mls-3.4.2-14.fc9.noarch
>
> Thx,
> LCB.
>
Yes that is a bug.
More information about the Linux-audit
mailing list