On 01/07/2013 03:59 AM, lhecking@users.sourceforge.net wrote:
Big mistake. Most or all services with config files under /etc could no longer read their config files, including ssh. It looks like the selinux type was substituted rather than added? Thankfully, I was able to recover.
Yes, I believe that you added a new file context rule to the configuration, and that rule had precedence over the system policy. Files have just one context.
What is the correct way to give rsync full access to everything under selinux?
The easiest way is to use rsync over ssh, rather than rsync as a daemon. As long as you aren't running it as a daemon, I don't believe that it's confined.
Also, run rsync with -v to get more information about what's being skipped and why, and run 'tail -f /var/log/audit/audit.log' while you rsync to make sure that there aren't AVCs logged. If there aren't AVCs, it's probably not an SELinux problem.
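The audit-log check suggested above can also be done after the fact. The following is an added example, not part of the original message: it scans audit log lines for AVC denials whose command is rsync and counts them by source type, target type, object class and permission. The log lines are constructed samples, and the names `rsync_denials` and `SAMPLE_LOG` are hypothetical.

```python
import re
from collections import Counter

# Constructed sample audit.log lines (not taken from the thread).
SAMPLE_LOG = """\
type=AVC msg=audit(1357560001.101:510): avc:  denied  { read } for  pid=2211 comm="rsync" name="shadow" dev=dm-0 ino=1311 scontext=system_u:system_r:rsync_t:s0 tcontext=system_u:object_r:shadow_t:s0 tclass=file
type=SYSCALL msg=audit(1357560001.101:510): arch=c000003e syscall=2 success=no exit=-13 comm="rsync" exe="/usr/bin/rsync"
type=AVC msg=audit(1357560002.220:511): avc:  denied  { getattr } for  pid=2211 comm="rsync" path="/home/alice/notes.txt" dev=dm-0 ino=1402 scontext=system_u:system_r:rsync_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
type=AVC msg=audit(1357560003.330:512): avc:  denied  { read } for  pid=2211 comm="rsync" name="gshadow" dev=dm-0 ino=1312 scontext=system_u:system_r:rsync_t:s0 tcontext=system_u:object_r:shadow_t:s0 tclass=file
type=AVC msg=audit(1357560004.440:513): avc:  denied  { name_bind } for  pid=3000 comm="httpd" src=8081 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket
type=AVC msg=audit(1357560005.550:514): avc:  granted  { setenforce } for  pid=1 comm="init" scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=security
"""

# Matches only "denied" AVC records; SYSCALL and "granted" records are ignored.
AVC_DENIED = re.compile(
    r'avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}'
    r'.*?comm="(?P<comm>[^"]+)"'
    r'.*?scontext=(?P<scon>\S+)\s+tcontext=(?P<tcon>\S+)\s+tclass=(?P<tclass>\S+)'
)


def selinux_type(context):
    """Return the type field of a user:role:type[:level] context."""
    parts = context.split(":")
    return parts[2] if len(parts) >= 3 else context


def rsync_denials(lines, comm="rsync"):
    """Count AVC denials for one command, keyed by
    (source type, target type, object class, permission)."""
    counts = Counter()
    for line in lines:
        m = AVC_DENIED.search(line)
        if not m or m.group("comm") != comm:
            continue
        for perm in m.group("perms").split():
            key = (selinux_type(m.group("scon")),
                   selinux_type(m.group("tcon")),
                   m.group("tclass"), perm)
            counts[key] += 1
    return counts


if __name__ == "__main__":
    found = rsync_denials(SAMPLE_LOG.splitlines())
    if not found:
        print("no rsync AVC denials: probably not an SELinux problem")
    for (src, tgt, cls, perm), n in found.most_common():
        print(f"{n:3d}  {src} -> {tgt}:{cls} {{ {perm} }}")
```

An empty result corresponds to the "no AVCs" case in the reply; a source type of `rsync_t` in the output indicates rsync was running confined.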