On Sat, 14 Feb 2009 12:34:10 +1000 Murray McAllister <mmcallis@xxxxxxxxxx> wrote: > Paul Howarth wrote: > > Steven Stromer wrote: > >>> What's the output of: > >>> > >>> # audit2allow < /var/log/audit/audit.log > >>> > >>> Paul. > >>> > >> > >> > >> Paul, > >> > >> Thanks for the time! I understand what you are saying. I have set: > >> > >> chcon -R -h -t home_root_t /home > >> > >> so that the entire path's heirarchy will be consistent, > > > > No no, this is wrong. home_root_t is for directories that *contain* > > home directories, not the home directories and their contents > > themselves. > > > > I'd do a "restorecon -RF /home" to fix that, then put back the > > contexts on your share areas as you wanted them (e.g. samba_share_t > > or public_content_rw_t etc.). > > When should restorecon -F be used? I read the man page but can't > figure out how it is different to just running restorecon without -F. Using -F also fixes up the user part of the context and restores the contexts of files that have been changed to customizable types e.g. some of the httpd_* types, so it's sometimes necessary to use -F to fix those. Paul. -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
