[CentOS] Excluding file systems from autorelabel

Daniel J Walsh dwalsh at redhat.com
Thu Dec 27 15:11:46 UTC 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/27/2012 06:09 AM, Markku Kolkka wrote:
> 27.12.2012 3:03, James A. Peltier kirjoitti:
> 
>> I'm really feeling dense today.  I can't find anywhere in the FTP man
>> page anything related to SELinux labels.
> 
> See "man ftpd_selinux".
> 
Depending on your virsion, you should be able to add an entry like /exports to
 /etc/selinux/fixfiles_exclude_dirs

And fixfiles should exclude this directory. (Autorelabel/rpm updates)

grep fixfiles_exclude_dirs /sbin/fixfiles

Another way to do this is to add a mount option to the directories mounted at
/exports

mount -o context="..."

Autorelabel does not relabel anything mounted with a context option.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iEYEARECAAYFAlDcZTIACgkQrlYvE4MpobOM/QCeOr1NZvQhbvfVv2AbKeXq/4ZN
OSYAn3XBY/52nqLQu2fSj+ULai8Lbtn1
=WPMn
-----END PGP SIGNATURE-----



More information about the CentOS mailing list