Stuart Sears <stuart <at> sjsears.com> writes: > how, exactly? > These are the labels on my system (using ls -Z): > /home/* system_u:object_r:user_home_dir_t:s0 > /home/USER/* system_u:object_r:user_home_t:s0 > /home system_u:object_r:home_root_t:s0 > > whereas files in /opt/local seem to get labelled like this: > > /opt/local/* unconfined_u:object_r:usr_t:s0 > or this system_u:object_r:usr_t:s0 My file contexts are: [mike@lapmike2 mike]$ ls -Zd /opt/Local/home drwxr-xr-x root root system_u:object_r:file_t:s0 /opt/Local/home [mike@lapmike2 mike]$ ls -Zd /home lrwxrwxrwx root root unconfined_u:object_r:root_t:s0 /home -> /opt/Local/home [mike@lapmike2 mike]$ ls -Zd /home/mike drwx------ mike mike system_u:object_r:user_home_dir_t:s0 /home/mike [mike@lapmike2 mike]$ ls -Zd /opt/Local/home/mike drwx------ mike mike system_u:object_r:user_home_dir_t:s0 /opt/Local/home/mike [mike@lapmike2 mike]$ ls -Zd /home/mike/.bash_profile -rw-r--r-- mike mike system_u:object_r:user_home_t:s0 /home/mike/.bash_profile > have you tried relabelling the homedirs and their contents in > /opt/local/home appropriately? I am not sure what is appropriate here? > what did you try to change it to? I notice from your post that my /opt/Local/home has a type file_t whereas yours was home_root_t - maybe I need to change this? The subdirectories seem the same as you quoted. > 1. yum install setroubleshoot > 2. service setroubleshoot start > > 3. then ssh in > > 4. look in /var/log/messages on your machine for lines containing 'sealert' > (or just run sealert -b if you have a graphical desktop) Yes this gives messages in /var/log/messages that selinux is preventing access to files with label file_t - which suggests that your context was right for /opt/Local/home and mine is wrong! I will change that context and try again. -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
