From: david@hardeman.nu (David =?iso-8859-1?Q?H=E4rdeman?=) Date: Tue, 29 Mar 2011 00:14:20 +0200 Subject: [refpolicy] Two issues with restorecon In-Reply-To: <4D4C0538.3030904@redhat.com> References: <4D4C0538.3030904@redhat.com> Message-ID: <20110328221420.GG15708@hardeman.nu> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On Fri, Feb 04, 2011 at 08:55:04AM -0500, Daniel J Walsh wrote: >On 02/04/2011 08:14 AM, David H?rdeman wrote: >> Two related issues I just discovered with restorecon (sorry, I'm not close >> to my private laptop so I can't provide patches): >> >> 1) When running "restorecon -r /", restorecon (setfiles) wants to write an >> audit message that the whole fs is being relabeled (only happens when doing >> it on /), but the refpolicy doesn't seem to give setfiles_t access to write >> audit messages which I guess it should. >> >> 2) When running "restorecon -r -n /", restorecon (setfiles) wants to write >> the same audit message as above - which would be misleading since it's not >> actually changing any labels. >> >Could you open two bugzillas I'm sorry, you got me confused...bugzilla entries in the redhat bugzilla database? I'm not a redhat user... (and apologies for not replying straight away)... -- David H?rdeman