Hi, I've done the following: - Copy usr content with rsync to another partition: rsync -av --partial --progress /usr/ /mnt Then, unmounted, added to fstab a line for /usr, then deleted /usr/* (not the directory itself). But I've found that is bad labeled: ls -Z /usr unconfined_u:object_r:unlabeled_t:s0 bin unconfined_u:object_r:unlabeled_t:s0 local unconfined_u:object_r:unlabeled_t:s0 games unconfined_u:object_r:unlabeled_t:s0 sbin unconfined_u:object_r:unlabeled_t:s0 include unconfined_u:object_r:unlabeled_t:s0 share unconfined_u:object_r:unlabeled_t:s0 lib unconfined_u:object_r:unlabeled_t:s0 src unconfined_u:object_r:unlabeled_t:s0 lib64 unconfined_u:object_r:unlabeled_t:s0 tmp How can I restore the default contexts? I've tried with restorecon and with fixfiles, but no luck, for example: matchpathcon -V /usr /usr error: No data available How can I fix this? Thanks in advance. -- -- Sergio Belkin LPIC-2 Certified - http://www.lpi.org
nevermind, I think is fixed: ls -Z /usr unconfined_u:object_r:bin_t:s0 bin unconfined_u:object_r:usr_t:s0 local unconfined_u:object_r:usr_t:s0 games unconfined_u:object_r:bin_t:s0 sbin unconfined_u:object_r:usr_t:s0 include unconfined_u:object_r:usr_t:s0 share unconfined_u:object_r:lib_t:s0 lib unconfined_u:object_r:usr_t:s0 src unconfined_u:object_r:lib_t:s0 lib64 unconfined_u:object_r:usr_t:s0 tmp unconfined_u:object_r:bin_t:s0 libexec isn't it? I simply re-enabled selinux in /etc/selinux/config and rebooted... HTH El mar., 4 feb. 2020 a las 14:59, Sergio Belkin (<sebelk at gmail.com>) escribi?:> Hi, > I've done the following: > - Copy usr content with rsync to another partition: > > rsync -av --partial --progress /usr/ /mnt > > Then, unmounted, added to fstab a line for /usr, then deleted /usr/* (not > the directory itself). But I've found that is bad labeled: > > ls -Z /usr > unconfined_u:object_r:unlabeled_t:s0 bin > unconfined_u:object_r:unlabeled_t:s0 local > unconfined_u:object_r:unlabeled_t:s0 games > unconfined_u:object_r:unlabeled_t:s0 sbin > unconfined_u:object_r:unlabeled_t:s0 include > unconfined_u:object_r:unlabeled_t:s0 share > unconfined_u:object_r:unlabeled_t:s0 lib > unconfined_u:object_r:unlabeled_t:s0 src > unconfined_u:object_r:unlabeled_t:s0 lib64 > unconfined_u:object_r:unlabeled_t:s0 tmp > > How can I restore the default contexts? > > I've tried with restorecon and with fixfiles, but no luck, for example: > > matchpathcon -V /usr > /usr error: No data available > > How can I fix this? > > Thanks in advance. > -- > -- > Sergio Belkin > LPIC-2 Certified - http://www.lpi.org >-- -- Sergio Belkin LPIC-2 Certified - http://www.lpi.org
Am 04.02.20 um 18:59 schrieb Sergio Belkin:> Hi, > I've done the following: > - Copy usr content with rsync to another partition: > > rsync -av --partial --progress /usr/ /mnt > > Then, unmounted, added to fstab a line for /usr, then deleted /usr/* (not > the directory itself). But I've found that is bad labeled: > > ls -Z /usr > unconfined_u:object_r:unlabeled_t:s0 bin > unconfined_u:object_r:unlabeled_t:s0 local > unconfined_u:object_r:unlabeled_t:s0 games > unconfined_u:object_r:unlabeled_t:s0 sbin > unconfined_u:object_r:unlabeled_t:s0 include > unconfined_u:object_r:unlabeled_t:s0 share > unconfined_u:object_r:unlabeled_t:s0 lib > unconfined_u:object_r:unlabeled_t:s0 src > unconfined_u:object_r:unlabeled_t:s0 lib64 > unconfined_u:object_r:unlabeled_t:s0 tmp > > How can I restore the default contexts? > > I've tried with restorecon and with fixfiles, but no luck, for example: > > matchpathcon -V /usr > /usr error: No data available > > How can I fix this? >restorecon -R /usr -- Leon
On 2/4/20 9:59 AM, Sergio Belkin wrote:> Hi, > I've done the following: > - Copy usr content with rsync to another partition: > > rsync -av --partial --progress /usr/ /mnt > > Then, unmounted, added to fstab a line for /usr, then deleted /usr/* (not > the directory itself). But I've found that is bad labeled: > > ls -Z /usr > unconfined_u:object_r:unlabeled_t:s0 bin > unconfined_u:object_r:unlabeled_t:s0 local > unconfined_u:object_r:unlabeled_t:s0 games > unconfined_u:object_r:unlabeled_t:s0 sbin > unconfined_u:object_r:unlabeled_t:s0 include > unconfined_u:object_r:unlabeled_t:s0 share > unconfined_u:object_r:unlabeled_t:s0 lib > unconfined_u:object_r:unlabeled_t:s0 src > unconfined_u:object_r:unlabeled_t:s0 lib64 > unconfined_u:object_r:unlabeled_t:s0 tmp > > How can I restore the default contexts? > > I've tried with restorecon and with fixfiles, but no luck, for example: > > matchpathcon -V /usr > /usr error: No data available > > How can I fix this? > > Thanks in advance.The -X option to rsync will copy all extended attributes from the old to the new filesystem. Nataraj
> Hi, > I've done the following: > - Copy usr content with rsync to another partition: > > rsync -av --partial --progress /usr/ /mntI won't comment on you real question but just want to suggest to really add -H to the rsync here as there are hardlinks in /usr you really want to keep. Simon> > Then, unmounted, added to fstab a line for /usr, then deleted /usr/* (not > the directory itself). But I've found that is bad labeled: > > ls -Z /usr > unconfined_u:object_r:unlabeled_t:s0 bin > unconfined_u:object_r:unlabeled_t:s0 local > unconfined_u:object_r:unlabeled_t:s0 games > unconfined_u:object_r:unlabeled_t:s0 sbin > unconfined_u:object_r:unlabeled_t:s0 include > unconfined_u:object_r:unlabeled_t:s0 share > unconfined_u:object_r:unlabeled_t:s0 lib > unconfined_u:object_r:unlabeled_t:s0 src > unconfined_u:object_r:unlabeled_t:s0 lib64 > unconfined_u:object_r:unlabeled_t:s0 tmp > > How can I restore the default contexts? > > I've tried with restorecon and with fixfiles, but no luck, for example: > > matchpathcon -V /usr > /usr error: No data available > > How can I fix this? > > Thanks in advance. > -- > -- > Sergio Belkin > LPIC-2 Certified - http://www.lpi.org > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos >
> The -X option to rsync will copy all extended attributes from the old to > the new filesystem. >Yes, I discovered this when I rsync'd a whole 4Tb filesystem and the backup system decided everything had changed because the attributes had changed. I've settled on using "rsync -avHAX ..." and that seems to keep everything preserved. P.