On Tue, 2005-02-15 at 02:04 -0600, Joe Cooper wrote:
Joe Cooper wrote:
also noticed that I'm actually getting slightly different labels than /var/spool/squid:
[root@localhost /]# ls -lZ /var/spool/squid drwxr-xr-x squid squid root:object_r:squid_cache_t 00 [root@localhost /]# ls -lZ /cache0 drwxr-xr-x squid squid system_u:object_r:squid_cache_t 00
So I've got root:object_r:squid_cache_t for /var/spool/squid (the one that works) and system_u:object_r:squid_cache_t for the one that doesn't,
That different field is for the SELinux identity, which doesn't come much into play for the targeted policy.
You get 'system_u:object_r' when something has been created by a system process, you get 'root:object_r' when something has been created by the root user. There is an actual SELinux user 'root' that corresponds to the Linux user 'root'.
Thanks for that explanation, Karsten. Some of these things are starting to make a bit of sense now. ;-)
