On Sun, 2005-05-15 at 11:49 -0700, Tom London wrote: > Running strict/enforcing, latest rawhide. > > I changed an existing user to a 'sysadm' user by adding to > local.users, rebuilt/installed new policy, and did a 'restorecon -v > -R' of home directory, /etc, /tmp, .... > > On reboot, logging shows that the preexisting /tmp/gconfd-XXX > remained labeled as 'user_u:....'. > > Removing it (and several 'aumix*' files that were similarly labeled), > and rebooting 'fixed' this. > > Is this the best, or does it make sense to considering adding 'per > user' rules for such files? I have patches that addresses exactly this, and they are pending being merged post FC4. The patches create a new USER expansion, and begin using it to label the orbit and gconf folder. -- Ivan Gyurdiev <ivg2@xxxxxxxxxxx> Cornell University -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-selinux-list
