Running FC from the devel tree as of last night, and a 2.6.10-mm1-RT kernel. OK.. So I go and put user and group quotas on all the R/W file systems (it's a lot quicker to run 'repquota /full.fs' than to run 'du' and similar when you're sitting at 99%.. ;) Then quite some time later I run setfiles because I was pretty sure that I had a lot of files that hadn't been installed by rpm and thus didn't have the right contexts on them, and I get: /usr/sbin/setfiles: relabeling /aquota.user from system_u:object_r:quota_db_t to system_u:object_r:default_t /aquota.user: Operation not permitted /usr/sbin/setfiles: unable to relabel /aquota.user to system_u:object_r:default_t /usr/sbin/setfiles: relabeling /aquota.group from system_u:object_r:quota_db_t to system_u:object_r:default_t /aquota.group: Operation not permitted /usr/sbin/setfiles: unable to relabel /aquota.group to system_u:object_r:default_t /usr/sbin/setfiles: relabeling /boot/aquota.user from system_u:object_r:quota_db_t to system_u:object_r:boot_t /boot/aquota.user: Operation not permitted /usr/sbin/setfiles: unable to relabel /boot/aquota.user to system_u:object_r:boot_t /usr/sbin/setfiles: relabeling /boot/aquota.group from system_u:object_r:quota_db_t to system_u:object_r:boot_t /boot/aquota.group: Operation not permitted /usr/sbin/setfiles: unable to relabel /boot/aquota.group to system_u:object_r:boot_t /usr/sbin/setfiles: relabeling /usr/aquota.user from root:object_r:quota_db_t to system_u:object_r:usr_t /usr/aquota.user: Operation not permitted /usr/sbin/setfiles: unable to relabel /usr/aquota.user to system_u:object_r:usr_t /usr/sbin/setfiles: relabeling /usr/aquota.group from system_u:object_r:quota_db_t to system_u:object_r:usr_t /usr/aquota.group: Operation not permitted /usr/sbin/setfiles: unable to relabel /usr/aquota.group to system_u:object_r:usr_t Is there any way to express: $MOUNTPOINT/aquota\.(user|group)$ -- system_u:object_r:quota_db_t in the .fc files, or do we need to settle for '/.*/aquota\.(user|group)' as the regexp? (And no, I have no idea how I ended up with 'root:object_r:quota_db_t' on /usr/aquota.user, but the other ones were system_u....)
Attachment:
pgp11aeyQzJ5l.pgp
Description: PGP signature
