My logs are full of an error about multiple same specifications like these: Aug 10 04:07:46 node1 netlogon: /etc/selinux/targeted/contexts/files/file_contexts: Multiple same specifications for /cmshome/cms/Baskets/In(/.*)*. Aug 10 04:07:46 node1 netlogon: /etc/selinux/targeted/contexts/files/file_contexts: Multiple different specifications for /cmshome/cms/Baskets/In (system_u:object_r:public_content_rw_t:s0 and system_u:object_r:home_root_t:s0). Aug 10 05:03:17 node1 netlogon: /etc/selinux/targeted/contexts/files/file_contexts: Multiple different specifications for /cmshome/cms/Baskets/In/[^/]* (system_u:object_r:public_content_rw_t:s0 and user_u:object_r:user_home_dir_t:s0). When I change into /etc/selinux/targeted/contexts/files and grep for /cmshome/cms/Baskets/In I get this: file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/.+ user_u:object_r:user_home_t:s0 file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/.virtinst(/.*)? user_u:object_r:virt_content_t:s0 file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/.*/plugins/nprhapengine\.so.* -- user_u:object_r:textrel_shlib_t:s0 file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/.*/plugins/libflashplayer\.so.* -- user_u:object_r:textrel_shlib_t:s0 file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/((www)|(web)|(public_html)|(public_git))(/.+)? user_u:object_r:httpd_user_content_t:s0 file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/bin(/.*)? user_u:object_r:home_bin_t:s0 file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/\.ssh(/.*)? user_u:object_r:sshd_key_t:s0 file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/\.mozilla(/.*)?/plugins/libflashplayer\.so.* -- user_u:object_r:textrel_shlib_t:s0 file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/\.spamassassin(/.*)? user_u:object_r:spamassassin_home_t:s0 file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/VirtualMachines(/.*)? user_u:object_r:virt_image_t:s0 file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/cxoffice/bin/wine.+ -- user_u:object_r:wine_exec_t:s0 file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/VirtualMachines/isos(/.*)? user_u:object_r:virt_content_t:s0 file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]* -d user_u:object_r:user_home_dir_t:s0 file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/\.k5login -- user_u:object_r:krb5_home_t:s0 file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/\.fetchmailrc -- user_u:object_r:fetchmail_home_t:s0 file_contexts.homedirs:/cmshome/cms/Baskets/In/lost\+found/.* <<none>> file_contexts.homedirs:/cmshome/cms/Baskets/In -d system_u:object_r:home_root_t:s0 file_contexts.homedirs:/cmshome/cms/Baskets/In/\.journal <<none>> file_contexts.homedirs:/cmshome/cms/Baskets/In/lost\+found -d system_u:object_r:lost_found_t:s0 file_contexts.local:/cmshome/cms/Baskets/In -d system_u:object_r:public_content_rw_t:s0 file_contexts.local:/cmshome/cms/Baskets/In(/.*)* -d system_u:object_r:public_content_rw_t:s0 file_contexts.local:/cmshome/cms/Baskets/In/[^/]* -d system_u:object_r:public_content_rw_t:s0 file_contexts.local:/cmshome/cms/Baskets/In(/.*)* system_u:object_r:public_content_rw_t:s0 When I try to remove the home_dir specification I get this: [root@node1 files]# /usr/sbin/semanage fcontext -d -t user_home_dir_t -d "/cmshome/cms/Baskets/In/[^/]*" /usr/sbin/semanage: File context for /cmshome/cms/Baskets/In/[^/]* is not defined >From googling I think that's because semanage only manages local definitions and the user_home_dir_t is coming from the policy module because the following directories are home directories from various different accounts in the system (they are part of the application that runs on there). These are home directories in /etc/passwd of some accounts: /cmshome/cms /cmshome/cms/Baskets/In/Mails /cmshome/cms/Baskets/In/AdImport /cmshome/cms/Baskets/In/Photos /cmshome/cms/Baskets/Out/AdReports /cmshome/cms/Baskets/Out/WebExport /cmshome/cms/Baskets/Out/HiResProofer /cmshome/cms/Baskets/Out/Typeset /cmshome/cms/Baskets/In/Graphics /cmshome/cms/Baskets/In/XMLPlanner /cmshome/cms/Baskets/Out/Archive I want to make sure everything under /cmshome/cms/Baskets/In is public_content_rw_t. Fortunately my local policy is winning when relabeling occurs. How can I resolve this error or can I? Thanks, Maria -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
