On Friday 10 October 2008 13:08, Murray McAllister <mmcallis@xxxxxxxxxx> wrote:
> > The inheriting of file contexts from a directory (in the absence of
> > policy rules specifying otherwise) has AFAIK always been the design of SE
> > Linux.
>
> When would "tar | restorecon -f -" be used if files inherit contexts
> from parent directories (if policy has not been changed)? Sorry, I am a
> bit slow :)

For the case where the desired context for a file does not match the default context.

One example (which is probably covered by restorecond) is /etc/shadow. If you extract a tar file which has a file named shadow with the current directory being /etc then it will get the type etc_t (while such things are not generally recommended they are in the range of tasks which are not uncommon for sysadmins). The command described previously would result in the file being relabelled as shadow_t. Of course it would have a race condition, but let's assume for the sake of discussion that the machine is in single-user mode.

The above example assumes that the file /etc/shadow does not exist at the time the tar file is extracted (tar will truncate an existing file and keep the same context).

--
russell@xxxxxxxxxxxx
http://etbe.coker.com.au/ My Blog
http://www.coker.com.au/sponsorship.html Sponsoring Free Software development

--
This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
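The "tar | restorecon -f -" idiom discussed above, written out as an added example (not code from the thread): it relabels only the files tar actually wrote, and normalises tar's relative member names to absolute paths so restorecon does not depend on the current working directory. The archive and destination names are assumptions.

```shell
#!/bin/sh
# Added example, not from the original thread. Extract an archive into DEST
# and relabel exactly the entries tar wrote, so a member named "shadow"
# extracted into /etc ends up as shadow_t (from file_contexts) rather than
# the etc_t it inherits from the directory.

# Turn tar's verbose listing (relative names such as "shadow" or "./shadow")
# into absolute paths under DEST, one per line, for "restorecon -f -".
member_paths() {
    dest="$1"
    sed -e 's|^\./||' -e '/^$/d' -e "s|^|${dest%/}/|"
}

# Extract ARCHIVE into DEST, then feed the list of written paths to
# restorecon. The window between extraction and relabel is the race the
# thread mentions; an already-existing file keeps its old context because
# tar truncates it in place instead of recreating it.
extract_and_relabel() {
    archive="$1"
    dest="$2"
    tar -xvf "$archive" -C "$dest" | member_paths "$dest" | restorecon -v -f -
}

# Usage (assumed names): extract_and_relabel /root/etc-backup.tar /etc
```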