On 7/11/19 4:45 PM, Ed Greshko wrote: > On 7/11/19 3:41 PM, Samuel Sieb wrote: >>> I was of the understanding that creating a new file should get the >>> appropriate contexts, the same ones that using restorecon would set. >> I see the same thing. And I had the same expectation. > Same here. > > I have asked about it on the selinux list. > In the event anyone is interested. The short answer is.... Unless a file or directory has a "FILE transition rule" defined in the selinux policy it will inherit the context of the directory where it resides. The file .fetchmailrc has no such transition rule associated with it. And example of one which does is "certificates". Looking at the directory ~/.local/share [maria@meimei .local]$ ls -Zd share unconfined_u:object_r:data_home_t:s0 share [maria@meimei .local]$ cd share [maria@meimei share]$ ls -Z certificates ls: cannot access 'certificates': No such file or directory [maria@meimei share]$ mkdir certificates [maria@meimei share]$ ls -Zd certificates/ unconfined_u:object_r:home_cert_t:s0 certificates/ As one can see the directory "certificates" didn't inherit from share. If anyone thinks .fetchmailrc should have a transition rule they should file a BZ. -- Right: I dislike the default color scheme Wrong: What idiot picked the default color scheme _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
