Hi people, i have the following policy version installed selinux-policy-3.3.1-107.fc9.noarch selinux-policy-devel-3.3.1-107.fc9.noarch selinux-policy-targeted-3.3.1-107.fc9.noarch I create an Selinux policy and generated the following filecontexts [root@MALTA konsu]# semanage fcontext -l | grep yule /etc/init.d/yule regular file system_u:object_r:yule_script_exec_t:s0 /var/run/yule.pid regular file system_u:object_r:yule_var_run_t:s0 /var/log/yule(/.*)? regular file system_u:object_r:yule_log_t:s0 /var/lib/yule(/.*)? regular file system_u:object_r:yule_var_lib_t:s0 /etc/yulerc regular file system_u:object_r:yule_config_t:s0 /usr/local/sbin/yule regular file system_u:object_r:yule_exec_t:s0 Allt he files seems to become labelled normally as expected except /etc/init.d/yule [root@MALTA konsu]# restorecon -R -v /etc/init.d/yule [root@MALTA konsu]# ls -lrtZ /etc/init.d/yule -rwx------ root root system_u:object_r:initrc_exec_t:s0 /etc/init.d/yule I cannot get rid of initrc_exec_t. Although my script is still confined correctly, I would like to label this file normally, is there a reason why restorecon fails ? many thanks konrad fedora-selinux-list -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
