On Wed, 2012-10-03 at 07:40 -0400, Daniel J Walsh wrote: > On 10/03/2012 05:19 AM, John Austin wrote: > > On Mon, 2012-10-01 at 09:14 -0400, Daniel J Walsh wrote: > >> On 10/01/2012 07:10 AM, John Austin wrote: > >>> Hi > >>> > >>> I have recently used a bootable F17 memory stick (fully updated) to > >>> dump/restore an un-mounted Centos 6.3 system root (/) partition to a > >>> "clone" backup partition on a separate disk. > >>> > >>> I obtain SELinux error messages during the restore phase > >>> > >>> Does anyone (Daniel?) know: > >>> > >>> Will this be a problem if/when I need to use the backup? > >>> > >>> Regards > >>> > >>> John > >>> > >> Most likely the target OS did not understand the labels that you are > >> trying to install. So if you took labels off a F17 machine and tried to > >> put them on a RHEL6 box, the labels might not be defined. > > > > > > Hmmm - repeated the exercise booted from a fully updated C6.3 memory stick > > and the errors are not present during restore. (ie dumped/restored system > > and booted OS are both C6.3 with the same update level) > > > > This implies that you must use a contemporaneous version of the operating > > system (including dump/restore) to that of the actual backed up root > > partition. > > > > Obviously I do not fully understand/accept what is happening here! So a > > couple more basic questions > > > > Does this mean I have to put aside the memory stick in its current state > > (no upgrade to C6.4 say) so that I can use it as the boot device during any > > subsequent restore of the backed up partitions? > > > > OR > > > > Will the relabelling of a restored root partition (that has selinux errors > > during the restore) (when booted from that restored partition) provide a > > "perfect" working system? > > > > Thanks again > > > > John > > > I would always suggest relabeling after you restore a system. Restore sets > everything back to the default layout as currently defined in policy. While I > understand the goal of restoring the labels from a backed up partition, it is > not always the correct thing to do. Since the policy on the system might have > changed since the backup. > > For example say you backed up your homedir and saved the labels. A > selinux-policy update happens or an admin changes the labels of a particular > directory in the homedir. Now you later restore the backup over the homedir. > Now the labels of the homedir do not match the system defaults. Many thanks for the clarification and advice John -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
