Thanks.
However, I'm having a slightly different problem: because of various circumstances, some files that should be labeled appear to be unlabeled.
I'm thinking that I missed the easy way: just running 'fixfiles check' or 'setfiles -n -v ...'
tom ---------------------------------------------------------------- * From: Thomas Bleher <bleher informatik uni-muenchen de>
* Tom London <selinux comcast net> [2004-05-30 20:12]: > I understand its 'safer' to run 'fixfiles relabel', but some vestigial > unlabeled files seem to remain...
Look into your policy for file contexts which specify "<<none>>" as context. This means that setfiles does not touch these files at all, as they can not be properly labeled by looking at the file name; so it is best to leave them alone. If you come from a non-SELinux system you should probably delete all these files[0] and reboot.
Thomas
[0] the policy I'm looking right now has <<none>> only for files which can be safely deleted if the system is in single user mode and is restarted immediately afterwards.
