SELinux restorecon does not work

James Corteciano james at linux-source.org
Tue Apr 6 05:53:50 UTC 2010


Hi All,

I have this following issue in SELinux. I did what instruction say but the
security context has still never change. I hope anyone could help me out of
this. Thank you.

-------------------------------------------------------
# sealert -b
........................................
Summary:
SELinux is preventing postmaster (postgresql_t) "setattr" to ./db (etc_t).

Allowing Access:
Sometimes labeling problems can cause SELinux denials. You could try to
restore the default system file context for ./db,

restorecon -v './db'

If this does not work, there is currently no automatic way to allow this
access. Instead, you can generate a local policy module to allow this access
- see FAQ Or you can disable SELinux protection altogether. Disabling
SELinux protection is not recommended. Please file a bug report against this
package.
........................................

# ls -ldZ /etc/<apps>/db
drwx------  postgres postgres user_u:object_r:etc_t            db

# restorecon -v /etc/<apps>/db
# ls -ldZ /etc/<apps>/db
drwx------  postgres postgres user_u:object_r:etc_t            db
-------------------------------------------------------

Regards,
James



More information about the redhat-list mailing list