On 10/12/2021 10:22, Nick Urbanik wrote:
There is an ongoing problem of decay of selinux labels on this machine; I would appreciate any suggestions on how to troubleshoot this I find it alarming.
I wouldn't call it a "decay". If it were that I wouldn't expect the context to be valid. As it is, those files have acquired the context of the parent directory. [root@f35k ~]# ls -Zd /usr/sbin system_u:object_r:bin_t:s0 /usr/sbin
$ sudo restorecon -rv * Relabeled /usr/sbin/alsactl from system_u:object_r:bin_t:s0 to system_u:object_r:alsa_exec_t:s0 Relabeled /usr/sbin/ldconfig from system_u:object_r:bin_t:s0 to system_u:object_r:ldconfig_exec_t:s0 Relabeled /usr/sbin/pcscd from system_u:object_r:bin_t:s0 to system_u:object_r:pcscd_exec_t:s0
When you notice that the context is incorrect, do a "stat" on the file before you do the restorecon. [root@f35k ~]# stat /usr/sbin/alsactl File: /usr/sbin/alsactl Size: 125280 Blocks: 248 IO Block: 4096 regular file Device: 20h/32d Inode: 372367 Links: 1 Access: (0755/-rwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root) Context: system_u:object_r:alsa_exec_t:s0 Access: 2021-12-10 11:23:35.560487567 +0800 Modify: 2021-12-07 02:03:45.000000000 +0800 Change: 2021-12-10 11:22:50.795424435 +0800 Birth: 2021-12-10 11:22:50.604428432 +0800 The time of 2021-12-10 11:22:50 corresponds to a "dnf update" which included an update to alsa-utils. -- Did 황준호 die? _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
