Stephen Smalley wrote: >Sent: Friday, December 07, 2007 1:17 PM >To: For users of Fedora >Subject: RE: Best way to copy /usr to different partition? > > >On Fri, 2007-12-07 at 12:35 -0800, Daniel B. Thurman wrote: >> Tony Nelson wrote: >> >Sent: Friday, December 07, 2007 8:43 AM >> >To: fedora-list@xxxxxxxxxx >> >Subject: Re: Best way to copy /usr to different partition? >> > >> > >> >At 10:43 PM -0500 12/6/07, Kevin J. Cummings wrote: >> >>Daniel B. Thurman wrote: >> >>> I was getting dangerously close to running out of disk space >> >>> since /usr was filling up fast. >> >>> >> >>> I thought it was simple to tar-copy /usr to a different >> >drive/partiton >> >>> using tar copy such as: >> >>> >> >>> (cd /usr; tar cpf - .) | (cd /newpartition; tar xpf -) >> >> >> >>using tar doesn't copy the extended attributes used by SELinux. ... >> > ... >> > >> >`man tar` shows the --xattrs and --no-xattrs options (though >> >`man tar` and >> >`info tar` don't say what the default is), so tar should work >> >for EAs if >> >used with --xattrs. >> >-- >> >____________________________________________________________________ >> >TonyN.:' <mailto:tonynelson@xxxxxxxxxxxxxxxxx> >> > ' <http://www.georgeanelson.com/> >> > >> >-- >> >> I have discovered that using: >> >> (cd /usr-b; tar -cp -xattrs -f - .) | (cd /usr; tar -xp >--xattrs -f -) > >That's a bug - bugzilla it. Should work with --xattrs or --selinux. > >> OR >> (cd /usr; cp -pR /usr-b/. .) > >Use cp -a; cp -p only deals with DAC perms. > >> did not preserve the selinux attributes. >> >> I have checked the attributes in /usr-b/lib/libsysfs* and >> it has lib_t assigned to these files against the copied files >> /usr/lib/libsysfs* and it shows default_t instead of lib_t. >> >> This may mean that my entire /usr filesystem has improper >> selinux attributes. >> >> Can someone tell me how to copy the files from my original >> /usr-b filesystem to /usr filesystem with the selinux attributes >> intact? > >star is supposed to know how to handle xattrs. >tar was patched in F8 but something seems amiss there. >cp has support. >Or you can just copy however you please and then perform a relabel, >either by running fixfiles relabel manually or by touch /.autorelabel >and reboot. > >-- >Stephen Smalley >National Security Agency > >-- Whoa! I tried cp -aR and guess what - it does not preserve the selinux attributes. Also - the hard links were not restored either - they appeared as broken links (which is not unexpected, I think). At least this is the long way of finding hard links, I think When I tried the tar string mentioned above, it seems to also reconstruct the hardlinks at the new partition area but of course does not preserve the selinux attributes. Seems that both the cp and the tar has the same problem of preserving selinux attributes. I think I will stick to tar and /.autorelabel. No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.5.503 / Virus Database: 269.16.17/1176 - Release Date: 12/6/2007 11:15 PM
