Hi, Thanx for the mail .. i have corrected the problem using audit2allow .. basically the domain needed permissions to access file-system. Could you please help in this case .. I am struck in kernel space get/setxattrs (FC3-2.6.8-541 fs=etx3) Should there be a difference between using user-space and kernel-space get/setxattrs to get/set file xattrs ... I have some trouble with using inode->i_op->get/setxattrs ... i getxattr from /home and set it to /var/home using inode operations and get this - ls -Zd /home /var/home drwxr-xr-x+ root root system_u:object_r:home_root_t /home/ drwxr-xr-x+ root root system_u:object_r:home_root_t /var/home/ perfect till now .. but now when i try and create files inside /var/home they get the "root:object_r:var_t" unlike /home where i get "root:object_r:user_home_dir_t" :-( and on the contrary if i create /var/home and tag with "home_root_t" using setfiles it works perfectly fine ... any clues I cant use user-space get/setxattr coz I am writing a overlay file-system ... so .... Does selinux intercept (and probably note down ) get/setxattrs syscalls or any of the type_tranistions. any suggestions .... Jaspreet Singh
