> -rw-r--r-- smearp smearp user_u:object_r:user_home_t flashplayer.xpt > -rwxr-xr-x smearp smearp user_u:object_r:texrel_shlib_t This is correct, but it's not done automatically, because /home is entirely skipped when changing the contexts after a policy upgrade. Personally, I think this is a major problem, but Daniel Walsh points out that (1) automatic restorecon on /home presents a security risk of mislabeled files ( like gpg keys and such in the wrong place), and (2) automatic restorecon on /home might take a very long time. I think if we are to introduce more fine-grained labeling of "$HOME" in the future (which we should), this problem needs to be solved somehow. -- Ivan Gyurdiev <ivg2@xxxxxxxxxxx> Cornell University