Hello, I must be missing something in my understanding of selinux but I'm having problem where the root user can not change the selinux type of a directory. I am running in targeted mode. I was experimenting and changed the type of /tmp/bah to "unconfined_t". I am now unable to either delete the directory or to change the type back to "tmp_t " chcon -R -t tmp_t /tmp/bah/ Results in: chcon: failed to change context of `/tmp/bah/' to `unconfined_u:object_r:tmp_t:s0': Permission denied Audit2allow is suggesting "allow unconfined_t self:dir relabelfrom;" but I don't want to apply that because it seems that would allow all unconfined files/processes to relabel themselves, is that correct? Thanks for any tips. Eric Notice of Confidentiality: The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, re-transmission, dissemination or other use of or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error please contact the sender immediately by return electronic transmission and then immediately delete this transmission including all attachments without copying, distributing or disclosing the same. |
-- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
