On Wed, 2005-01-19 at 20:14 +0000, Mike Hearn wrote: > If we install some shared libs to say /opt/foobar/lib (or into $HOME) > and > then label the lib directory as system_u:object_r:lib_t and the DSOs > inside as system_u:object_r:shlib_t is there some risk that the > contexts > would be deleted? If a user runs 'fixfiles relabel' or does the "touch /.autorelabel;reboot", this will reset all unknown contexts to default_t. Right now it is not uncommon to tell users to do this on labeling problems. We've been talking about some solutions to this, essentially performing a more targeted relabeling automatically. But it needs careful thought, and the available RPM mechanisms don't make it easy. > Is there anything I can do to work with you guys on this? I'd suggest redirecting this discussion to fedora-selinux-list.
