Hi, I'm trying to figure out how labels are actually created. I know rpm have the smarts to consult the file_contexts file in order to assign the coorect labels but I was doing some test with "touch" and I have some doubts. For example: cd /etc rm hosts touch hosts ls -lZ /etc/hosts (it shows etc_t as its type) If I do a restorecon of the hosts file I'll get the correct net_conf_t for the file. Since I don't think "touch" is SELinux aware (because if it was it would have created the file with the correct label), then, who|what created the SELinux context on the hosts file after using touch? Is it some low level facility (e.g. a system call) that assigns the label based just on the label of the parent directory? If it is, why doesn't it also consult the file_contexts fie? Thanks in advance, Jorge -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
