On Tue, 2005-02-15 at 02:04 -0600, Joe Cooper wrote: > Joe Cooper wrote: > also noticed that I'm actually getting slightly different labels than > /var/spool/squid: > > [root@localhost /]# ls -lZ /var/spool/squid > drwxr-xr-x squid squid root:object_r:squid_cache_t 00 > [root@localhost /]# ls -lZ /cache0 > drwxr-xr-x squid squid system_u:object_r:squid_cache_t 00 > > So I've got root:object_r:squid_cache_t for /var/spool/squid (the one > that works) and system_u:object_r:squid_cache_t for the one that > doesn't, That different field is for the SELinux identity, which doesn't come much into play for the targeted policy. You get 'system_u:object_r' when something has been created by a system process, you get 'root:object_r' when something has been created by the root user. There is an actual SELinux user 'root' that corresponds to the Linux user 'root'. - Karsten -- Karsten Wade, RHCE * Sr. Tech Writer * http://people.redhat.com/kwade/ gpg fingerprint: 2680 DBFD D968 3141 0115 5F1B D992 0E06 AD0E 0C41 IT executives rate Red Hat #1 for value http://www.redhat.com/promo/vendor/
