> When I run #make relabel, /home gets labeled as default_t. However, when I > run #/sbin/restorecon /home, /home gets labeled as home_root_t. This > confuses me, since according to the O'Reilly book both commands refer to > /src/policy/file_contexts/file_contexts. Where else might /sbin/restorecon > be getting its information from? Not sure, but I thought make relabel skipped /home entirely. > Furthermore, I notice that /src/policy/file_contexts/file_contexts does not > contain the string home_root_t. I suppose that home_root_t comes from the > homedir_template file during the Make process, but then why doesn't #make > relabel correctly label /home? That sounds like a bug, but I'm not seeing the same thing on rawhide. Then again, I run strict policy. home_root_t goes into file_contexts.homedirs (and that gets created from the template) > I also notice that my context/files/file_contexts file is stale. Doing > #make relabel or #make reload doesn't update it. I think that was fixed in rawhide. Try make install? > Does this file ever get > referenced anyway, since all the relabeling utilities seem to use > /src/policy/file_contexts/file_contexts instead? They do? Nothing should be using that file, except things involved in installing the policy sources. > If it does get used, who > uses it? And how can I be sure it gets updated to match > src/policy/file_contexts/file_contexts? make load *should* be sufficient, but you might be seeing a bug - try make install. > Any help in demystifying the file labeling procedure is appreciated! Hopefully others on this list can help you more, but basically, everything should be using contexts/files/file_contexts, and the file_contexts.homedirs. Nothing should be using the src file - that's strictly policy sources. -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-selinux-list
