Hi folks,
normally I have not so much to do with SElinux but I expected to get in touch sooner or later :-)
I migrated a backup-system from El5 to EL6 and the rsync backup process is complaining about selinux attr's now.
client <-> server (fetches via rsync -aHAX)
client# sestatus
SELinux status: disabled
server# sestatus
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: permissive
Mode from config file: permissive
Policy version: 24
Policy from config file: targeted
for example, no label for this file on client side:
client# ls -laZ /usr/share/zoneinfo/Africa/Bissau
-rw-r--r-- root root /usr/share/zoneinfo/Africa/Bissau
but on server side:
rsync: rsync_xal_clear: lremovexattr("usr/share/zoneinfo/Africa/.Bissau.WaE4wj","security.selinux") failed: Permission denied (13)
and
server# ls -laZ /BACKUP/usr/share/zoneinfo/Africa/Bissau
-rw-r--r--. root root unconfined_u:object_r:locale_t:s0 usr/share/zoneinfo/Africa/Bissau
the local (server) destination is mounted like:
server# cat /proc/mounts |grep BACKUP
/dev/sdc1 /BACKUP ext3 rw,seclabel,nosuid,nodev,noatime,nodiratime,errors=continue,acl,barrier=1,data=ordered 0 0
this partition comes from the former system (EL5 productively used without labeling it and with SElinux disabled).
I started to enable SElinux (permissive) on new systems and therefore disabling SElinux
like it was done before on the former system is not an option.
Any suggestions to avoid the default labeling "unconfined_u:object_r:locale_t:s0"?
--
Thanks,
LF
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
