Multiple same specifications

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



My logs are full of an error about multiple same specifications like
these:

Aug 10 04:07:46 node1 netlogon:
/etc/selinux/targeted/contexts/files/file_contexts: Multiple same
specifications for /cmshome/cms/Baskets/In(/.*)*. 

Aug 10 04:07:46 node1 netlogon:
/etc/selinux/targeted/contexts/files/file_contexts: Multiple different
specifications for /cmshome/cms/Baskets/In
(system_u:object_r:public_content_rw_t:s0 and
system_u:object_r:home_root_t:s0). 

Aug 10 05:03:17 node1 netlogon:
/etc/selinux/targeted/contexts/files/file_contexts: Multiple different
specifications for /cmshome/cms/Baskets/In/[^/]*
(system_u:object_r:public_content_rw_t:s0 and
user_u:object_r:user_home_dir_t:s0). 

When I change into /etc/selinux/targeted/contexts/files and grep for
/cmshome/cms/Baskets/In I get this:

file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/.+
user_u:object_r:user_home_t:s0
file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/.virtinst(/.*)?
user_u:object_r:virt_content_t:s0
file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/.*/plugins/nprhapengine\.so.*
--	user_u:object_r:textrel_shlib_t:s0
file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/.*/plugins/libflashplayer\.so.*
--	user_u:object_r:textrel_shlib_t:s0
file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/((www)|(web)|(public_html)|(public_git))(/.+)?
user_u:object_r:httpd_user_content_t:s0
file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/bin(/.*)?
user_u:object_r:home_bin_t:s0
file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/\.ssh(/.*)?
user_u:object_r:sshd_key_t:s0
file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/\.mozilla(/.*)?/plugins/libflashplayer\.so.*
--	user_u:object_r:textrel_shlib_t:s0
file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/\.spamassassin(/.*)?
user_u:object_r:spamassassin_home_t:s0
file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/VirtualMachines(/.*)?
user_u:object_r:virt_image_t:s0
file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/cxoffice/bin/wine.+
--	user_u:object_r:wine_exec_t:s0
file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/VirtualMachines/isos(/.*)?
user_u:object_r:virt_content_t:s0
file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*	-d
user_u:object_r:user_home_dir_t:s0
file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/\.k5login	--
user_u:object_r:krb5_home_t:s0
file_contexts.homedirs:/cmshome/cms/Baskets/In/[^/]*/\.fetchmailrc
--	user_u:object_r:fetchmail_home_t:s0
file_contexts.homedirs:/cmshome/cms/Baskets/In/lost\+found/.*	<<none>>
file_contexts.homedirs:/cmshome/cms/Baskets/In	-d
system_u:object_r:home_root_t:s0
file_contexts.homedirs:/cmshome/cms/Baskets/In/\.journal	<<none>>
file_contexts.homedirs:/cmshome/cms/Baskets/In/lost\+found	-d
system_u:object_r:lost_found_t:s0
file_contexts.local:/cmshome/cms/Baskets/In -d
system_u:object_r:public_content_rw_t:s0
file_contexts.local:/cmshome/cms/Baskets/In(/.*)* -d
system_u:object_r:public_content_rw_t:s0
file_contexts.local:/cmshome/cms/Baskets/In/[^/]* -d
system_u:object_r:public_content_rw_t:s0
file_contexts.local:/cmshome/cms/Baskets/In(/.*)*
system_u:object_r:public_content_rw_t:s0

When I try to remove the home_dir specification I get this:
[root@node1 files]# /usr/sbin/semanage fcontext -d -t user_home_dir_t -d
"/cmshome/cms/Baskets/In/[^/]*" 
/usr/sbin/semanage: File context for /cmshome/cms/Baskets/In/[^/]* is
not defined

>From googling I think that's because semanage only manages local
definitions and the user_home_dir_t is coming from the policy module
because the following directories are home directories from various
different accounts in the system (they are part of the application that
runs on there).
These are home directories in /etc/passwd of some accounts:
/cmshome/cms
/cmshome/cms/Baskets/In/Mails
/cmshome/cms/Baskets/In/AdImport
/cmshome/cms/Baskets/In/Photos
/cmshome/cms/Baskets/Out/AdReports
/cmshome/cms/Baskets/Out/WebExport
/cmshome/cms/Baskets/Out/HiResProofer
/cmshome/cms/Baskets/Out/Typeset
/cmshome/cms/Baskets/In/Graphics
/cmshome/cms/Baskets/In/XMLPlanner
/cmshome/cms/Baskets/Out/Archive

I want to make sure everything under /cmshome/cms/Baskets/In is
public_content_rw_t. Fortunately my local policy is winning when
relabeling occurs. How can I resolve this error or can I?

Thanks,
Maria

--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux





[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux