On 09/10/2009 11:19 AM, Stephen Smalley wrote: > On Thu, 2009-09-10 at 10:58 -0400, Daniel J Walsh wrote: >> On 09/10/2009 01:58 AM, Sean Carlos wrote: >>> >>> At one point I performed a new Fedora install and restored my personal >>> files before disabling SELinux which I don't need. >>> >>> As a result many files have permissions which include a dot at the end, >>> e.g.: >>> >>> -rw-rw-r--. >>> >>> This causes havoc with many applications, i.e. gedit complains it cannot >>> make a back-up file. >> Open a bugzilla on this. Having an extended attribute should not cause gedit to work to fail. > > I think what is happening is this: gedit has been instrumented to > preserve the security.selinux attribute on files. This works fine when > SELinux is enabled, as SELinux applies a set of permission checks on > setting its attributes and does not require a Linux capability / > superuser access in doing so. But when SELinux is disabled, setting any > attribute in the security.* namespace is restricted to CAP_SYS_ADMIN and > thus non-root use of gedit will fail on the setxattr() call with EPERM. > I would say that gedit should check SELinux enfocing mode and if disabled continue to work. -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
