On Thu, 07 Oct 2004 09:00:01 -0400, Stephen Smalley <sds@xxxxxxxxxxxxxx> wrote: > Teaching users to use restorecon in the same manner as chmod/chown if > they want to export data to one of the confined services like apache is > not an undue burden. Education about needing to be aware of the contexts now is one issue, but we are going to definitely need to expose the security context information in the tools most people use to check file properties if we want it to be easy to deal with. I know ls in rawhide exposes the contexts via -Z but I haven't poked around with nautilus to see if security context information is exposed there. And of course having nautilus be able to run the restorecon via a right click menu entry on a directory or file is going to be needed for smooth operation for a segment of the userbase. And are there any tools aimed at helping users figure out what file security context settings are needed for specific service/daemons? -jef