-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 12/12/2011 12:38 PM, Alan Stern wrote: > On Mon, 12 Dec 2011, David Quigley wrote: > >> It looks like your backup didn't backup the security labels. How >> did you make the back up? > > Suppose one makes a backup using rsync. What is the proper way to > back up the security labels along with the data? > > I tried using rsync's -X option, which is supposed to preserve > extended attributes. All that happened was I got a huge set of > errors because rsync wasn't allowed to set the security-label > attribute for the newly created backup files (and this was all > running as root). > > Alan Stern > I think it is often best to just run a restorecon on a bunch of files that get restored from an archive rather then storing the security attributes. The reason for this, is there is a chance that the default security label of a file might have changed since you created the archive. For example if you were updating from Fedora 15 to Fedora 16 and backed up your home directory, restoring the Fedora 15 labels is probably not what you want, you would want to ask the system how a properly labeled home directory should be and make it so.
restorecon -R -v /home Would fix all of the attributes in this case. In certain security sensitive environments you would want the labels to be stored, but I would figure in most cases people would prefer to have the labels match what the system expects. Why rsync was not able to maintain the labels I do not know, but you probably should have opened a bugzilla. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk7mPscACgkQrlYvE4MpobM3AACfTfGkQeTQmJyDEzfZQyFkzGWF zUEAoNt/i82hXS6r011qZQcD7vrlhM6n =JLpw -----END PGP SIGNATURE----- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
