On Mon, 2005-06-13 at 13:05 +0200, Göran Uddeborg wrote: > There seems to be something more involved, though. When doing > "rpm -Va" I get complaints about a few files. Doing restorecon > doesn't change anything. See below for /etc/idmapd.conf as an > example. > > My rpm is from FC3 while SELinux-packages are from FC4 test, in case > this could be a compatibility issue. > > I would like to understand what is going on here. > > [root@mimmi ~]# rpm -Vf /etc/idmapd.conf > ..5....TC c /etc/idmapd.conf > S.5....T. c /var/lib/nfs/etab > S.5....T. c /var/lib/nfs/rmtab > ........? /var/lib/nfs/rpc_pipefs > ..?...... c /var/lib/nfs/state > ..?....T. c /var/lib/nfs/xtab > [root@mimmi ~]# ls -lZ /etc/idmapd.conf > -rw-r--r-- root root root:object_r:etc_t /etc/idmapd.conf > [root@mimmi ~]# /sbin/restorecon /etc/idmapd.conf > [root@mimmi ~]# ls -lZ /etc/idmapd.conf > -rw-r--r-- root root root:object_r:etc_t /etc/idmapd.conf > [root@mimmi ~]# rpm -Vf /etc/idmapd.conf > ..5....TC c /etc/idmapd.conf > S.5....T. c /var/lib/nfs/etab > S.5....T. c /var/lib/nfs/rmtab > ........? /var/lib/nfs/rpc_pipefs > ..?...... c /var/lib/nfs/state > ..?....T. c /var/lib/nfs/xtab > [root@mimmi ~]# rpm -qf /etc/idmapd.conf > nfs-utils-1.0.7-6 > [root@mimmi ~]# rpm -q rpm selinux-policy-strict-sources selinux-policy-strict > rpm-4.3.2-21 > selinux-policy-strict-sources-1.23.16-6 > selinux-policy-strict-1.23.16-6 Try restorecon -F. By default, restorecon ignores differences in the user identity (root vs. system_u). The initial state is typically system_u (system user), but if a root-owned process later re-creates the file, then it will end up with root. -- Stephen Smalley National Security Agency -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-selinux-list