On Mon, January 7, 2013 06:59, lhecking@users.sourceforge.net wrote:
I'm trying to use rysnc to back up some directories on a CentOS6 machine that uses selinux in enforcing mode. Most files didn't transfer, so I tried the example from rsync_selinux(8):
Allow rsync servers to read the /var/rsync directory by addingthe pub- lic_content_t file type to the directory and by restoring the file type.
semanage fcontext -a -t public_content_t "/var/rsync(/.*)?" restorecon -F -R -v /var/rsyncexcept I substituted /etc for /var/rsync.
Big mistake. Most or all services with config files under /etc could no longer read their config files, including ssh. It looks like the selinux type was substituted rather than added? Thankfully, I was able to recover.
What is the correct way to give rsync full access to everything under selinux?
I use rsync extensively to transfer entire systems from and to SElinux enforcing environments and have never had a problem with reads using rsync when logged on as the root user. My typical command line is some variation of the following:
/usr/bin/rsync -avX --delete-after --specials --times \ --exclude-from=/root/rsync.d/exclude.list \ 192.168.216.29:/* /.
Are you connecting as the root user?