Tom London wrote:
Running strict/enforcing, latest rawhide.
I changed an existing user to a 'sysadm' user by adding to local.users, rebuilt/installed new policy, and did a 'restorecon -v -R' of home directory, /etc, /tmp, ....
On reboot, logging shows that the preexisting /tmp/gconfd-XXX remained labeled as 'user_u:....'.
Removing it (and several 'aumix*' files that were similarly labeled), and rebooting 'fixed' this.
Is this the best, or does it make sense to considering adding 'per user' rules for such files?
tom
Currently autorelabel removes all files from /tmp/ for this reason. Ivan is working on some fixes for this, and per user /tmp might help also.
Dan
--
-- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-selinux-list
