Stephen Smalley (sds@xxxxxxxxxxxxx) said: > > in which file should I add this? > > After further discussion on selinux list, it looks like Dan is going to > take a different approach and not use a fscontext= or context= mount. > Instead, he is just adding a 'restorecon /tmp' line > to /etc/rc.d/rc.sysinit so that it will get relabeled to tmp_t at that > time, and Dan recently added the following to the policy: > allow tmpfile tmpfs_t:filesystem associate; A question: why don't mounts normally inherit the context of the directory where they're mounted in cases like these? Bill
