SE Linux context not restored during file level restore

marcinek

ADSM.ORG Member
Joined
Sep 14, 2004
Messages
52
Reaction score
0
Points
0
Location
Warsaw, Poland
PREDATAR Control23

Hello Everyone!
I have lost my /home contents few day ago. I had to restore it from TSM. I'm running Fedora 21 workstation, but I'm sure this should apply to all fairly modern distros including CentOS/RH7 which are supported as a clients.
Restore was successfull, but all files got restored an unconfined_u (regular files for power-user). Some of them, mostly config files like<dot>something should get other context, ie mozilla_home_t, config_home_t and so on. It's not the problem so far, as selinux=permissive is allowed, but when it goes to enforcing, the systems will be useless.

My questions are:
Is there a way to make TSM Client save context information on files ? I use 7.1 client with.... 5.5.7 server :-\
Perhaps new servers can already store this info ?
Any other backup tool that is SE Linux context aware ?
 
PREDATAR Control23

Hi,

2 cents - it is quite a long time I had to dive into SELinux - so I may not be correct.
As far as I remember the file SELinux context is not meant to be set "per file" or backed up{restored wit the file.
You should have the rules set and after file restore just run something like
"restorecon -RvvF <path>" (recursive, verbose, force)
Harry
 
PREDATAR Control23

Hi,

2 cents - it is quite a long time I had to dive into SELinux - so I may not be correct.
As far as I remember the file SELinux context is not meant to be set "per file" or backed up{restored wit the file.
You should have the rules set and after file restore just run something like
"restorecon -RvvF <path>" (recursive, verbose, force)
Harry


Hi,
Thanks!
Looks like only Chrome is resistant to your solution. Everything else works like charm.
However for Chrome there is a simple solution: wipe everything, and log on again - everything gets recreated from the google cloud.
 
Top