On Thu, 2006-03-30 at 01:00 -0300, Rodrigo Barbosa wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Wed, Mar 29, 2006 at 08:47:16PM -0700, Craig White wrote: > > On Wed, 2006-03-29 at 22:43 -0500, Ignacio Vazquez-Abrams wrote: > > > On Thu, 2006-03-30 at 00:21 -0300, Rodrigo Barbosa wrote: > > > > In one of my CentOS machines (originally installed with 4.0, not 4.3), > > > > several of my files lost their selinux context information. Several > > > > others are with wrong values. > > > > > > > > Is there a way to restore the original selinux context on these files ? > > > > Maybe using RPM (even tho I don't think the value is stored on the > > > > RPM database, I'm not sure). > > > > > > fixfiles relabel > > ---- > > that might be the mallet when all it needs is a little tap. > > Not in my case. I mean, even /bin/bash was with wrong contexts until > a few days ago. And /etc/passwd :) > > > that also requires a reboot doesn't it? > > Not likely. I mean, yes, it would be recomended, but I'm pretty good > as changing things without needing to reboot, and I'm daring enough to > do it :) After all, it is not like this is an important machine. It is > just my company main internet server :) ---- It sort of occurs to me that breaking the security contexts of things like /etc/passwd and /bin/bash (/bin/sh) suggests to me that a much larger problem exists. fixfiles relabel is a time consuming process (perhaps not a big deal) but can change things that were specifically labeled other than the default setting, creating new issues. # rpm -q --whatprovides /etc/passwd setup-2.5.44-1.1 (my FC-4 system) # fixfiles -R setup restore [root at lin-workstation activeldap]# rpm -q --whatprovides /bin/bash bash-3.0-31 (again my FC-4 system) # fixfiles -R bash restore Craig