On Wed, 2007-01-10 at 18:10 +0000, Adam Huffman wrote: > On 10/01/07, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote: > > Adam Huffman wrote: > > > Rather unwisely I followed through some advice from setroubleshootd on > > > a new FC6 test system without thinking through the implications. > > > > > > It advised me to run: > > > > > > chcon -R -t xen_image_t / > > > > > > because xend was having some trouble with virtual disk files. > > > > > > This had some interesting consequences, most of which I have been able > > > to fix via relabelling. > > > > > > However, there are still errors being reported for various daemons. E.g. > > > > > > SELinux is preventing /usr/sbin/cupsd (cupsd_t) "search" access to / > > > (xen_image_t). > > > > > > > xen images should be in their own directory. Not in / or /root. The > > default directory for xen images is under /var/lib/xen, which would > > solve your problem. I will take a look at the troubleshoot plugin to > > make fix it up. > > Yes, I was only experimenting with different locations because of an > error in virt-install (it was complaining that it couldn't get access > to the virtual disks I was creating). Use the force option (-F to fixfiles or restorecon) to force relabeling of even files with customizable types? -- Stephen Smalley National Security Agency -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
