On Tue, Aug 14, 2012 at 2:21 PM, Dominick Grift <dominick.grift@xxxxxxxxx> wrote: > You might want to check out the semanage --equiv option. (man semanage) > > That basically allows you to alias existing file context structures: > > heres an example from man semanage: > > For home directories under top level directory, for > example /disk6/home, > execute the following commands. > # semanage fcontext -a -t home_root_t "/disk6" > # semanage fcontext -a -e /home /disk6/home > # restorecon -R -v /disk6 > > so in your case you might want to make /data equivalent to / or > something > > semanage fcontext -a -e / /data > restorecon -R -v -F /data > > That should label /data root_t, /data/var var_t, /data/var/lib var_lib_t > etc. > > just as if it was your main file system. > So this sounds exactly what i would like to do with my Luks encrytped USB back up drive. Unfortunately, I'm stumbling across the fact that the drive is 'automagically' mounted (when I login or power it on), and it gets mounted on /run/media/tbl/Backup1TB: /dev/mapper/luks-94a9d7d7-f819-4c2c-b735-81bb28db0426 on /run/media/tbl/Backup1TB type ext4 (rw,nosuid,nodev,relatime,seclabel,data=ordered,uhelper=udisks2) The 'semanage -e' command spews: [root@tlondon ~]# semanage fcontext -a -e / /run/media/tbl/Backup1TB/X200 /sbin/semanage: File spec /run/media/tbl/Backup1TB/X200 conflicts with equivalency rule '/run /var/run'; Try adding '/var/run/media/tbl/Backup1TB/X200' instead [root@tlondon ~]# Appears that '/var/run/media' doesn't exist on my system (I guess /run and /var/run are not really 'equivalent'?). This an issue with my system (e.g., do I need an explicit entry in fstab or some such)? With the scaffolding that deals with /run and /var/run? Other? Should this work? Thanks, tom -- Tom London -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
