On Wed, 2010-02-17 at 14:37 -0500, Alan Rouse wrote: > Oops. > > I'm a bit confused though. What are the scenarios that trigger an > autorelabel? I've not had any luck with the -autorelabel kernel boot > parameter, nor with the /.autorelabel flag file. OTOH sometimes when > I reboot it (apparently) decides to autorelabel. In Fedora, automatic relabeling is performed by /etc/rc.d/rc.sysinit. It is triggered if SELinux is enabled and either: 1) the word "autorelabel" appears as a parameter in the kernel command line, or 2) a file named "/.autorelabel" exists (in which case the file is then removed) The /.autorelabel file is automatically created by rc.sysinit if you ever boot with SELinux disabled so that a subsequent boot with SELinux re-enabled will trigger the automatic relabeling as well. In any event, you can always just run fixfiles -F restore yourself (or run 'make relabel' from the refpolicy directory). -- Stephen Smalley National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
