On Thu, 2008-07-24 at 21:36 +0000, Mike wrote: > Craig White <craigwhite <at> azapple.com> writes: > > > $ ls -lZ /home/craig/.ssh > > -rw------- craig craig user_u:object_r:user_home_t > > client.id_dsa.key > > -rw------- craig craig user_u:object_r:user_home_t id_dsa > > -rw-rw-r-- craig craig unconfined_u:object_r:user_home_t > > id_dsa.keystore > > -rw-r--r-- craig craig unconfined_u:object_r:user_home_t id_dsa.pub > > -rw------- craig craig unconfined_u:object_r:user_home_t id_rsa > > -rw-rw-r-- craig craig unconfined_u:object_r:user_home_t > > id_rsa.keystore > > -rw-r--r-- craig craig unconfined_u:object_r:user_home_t id_rsa.pub > > -rw------- craig craig user_u:object_r:user_home_t known_hosts > > > > but the issue of policy is that these are not the settings these files > > would get if they were located in /opt. > > Craig > > I just changed the contexts to type user_home_t for the files in .ssh > and this fixed the issue! > > Your last listing of the contexts was the crucial one - > This is excellent and thanks again for your help - I'll sleep easier > tonight! ---- No - you really need a better solution because if anything/anyone relabels, the current policy will trash those settings. Personally, I think you should probably mount what is /opt as /home and that would fix most issues. Craig -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
