Florin Andrei wrote:
I've a FC4 server that's slightly customized: - /var/lib/imap and /var/spool/imap are moved to /home/cyrus (and /home is a separate partition) - /var/spool/squid is moved to another place (separate partition) - /var/lib/mysql is moved to another place (separate partition) - /var/log is on it's own partition I customized the policy so that Cyrus IMAPd can access /home/cyrus properly. But then I did "touch /.autorelabel; reboot" and Cyrus broke completely. Upon investigation, I noticed that the security contexts of the Cyrus folders in /home/cyrus were altered, from e.g. system_u:object_r:cyrus_var_lib_t to... I forgot to what - something else anyway. Questions: Why autorelabel changes the security contexts? How can I tell autorelabel to leave alone /home/cyrus (or give it the security contexts that I want those files to have)?
You need to modify file_context.local to match the context you want.
I am asking these questions because I want to upgrade the server to FC5, keep the partitioning scheme, but avoid the multiple and annoying SELinux issues I had when I installed FC4 on that machine. So I guess the questions are at the same time for FC4 and FC5.
In fc5 you can use semanage to make these changes. -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
