normally I have not so much to do with SElinux but I expected to get in touch sooner or later :-)
I migrated a backup-system from El5 to EL6 and the rsync backup process is complaining about selinux attr’s now.
client <-> server (fetches via rsync -aHAX)
client# sestatus SELinux status: disabled
server# sestatus SELinux status: enabled SELinuxfs mount: /selinux Current mode: permissive Mode from config file: permissive Policy version: 24
Policy from config file: targeted
for example, no label for this file on client side:
client# ls -laZ /usr/share/zoneinfo/Africa/Bissau
-rw-r–r– root root /usr/share/zoneinfo/Africa/Bissau
but on server side:
rsync: rsync_xal_clear: lremovexattr(“usr/share/zoneinfo/Africa/.Bissau.WaE4wj”,”security.selinux”) failed: Permission denied (13)
server# ls -laZ /BACKUP/usr/share/zoneinfo/Africa/Bissau
-rw-r–r–. root root unconfined_u:object_r:locale_t:s0 usr/share/zoneinfo/Africa/Bissau
the local (server) destination is mounted like:
server# cat /proc/mounts |grep BACKUP
/dev/sdc1 /BACKUP ext3 rw,seclabel,nosuid,nodev,noatime,nodiratime,errors=continue,acl,barrier=1,data=ordered 0 0
this partition comes from the former system (EL5 productively used without labeling it and with SElinux disabled).
I started to enable SElinux (permissive) on new systems and therefore disabling SElinux like it was done before on the former system is not an option.
Any suggestions to avoid the default labeling “unconfined_u:object_r:locale_t:s0”?