What do these commands show? $ ls -Zd /opt $ ls -Zd /usr/opt They should have the same context, since it is a symlink, e.g. -- root:object_r:user_home_t. That might give you a clue about what is wrong. There may be a subdirecory of /opt with the wrong context.
If you figure out which settings the directory should have, you can set it with chcon, e.g. chcon -R --reference /var/www/html /var/www/html/www1 Or maybe in this case one of the subdirectories may need to be set to whatever /opt , or /opt/something/ is set to: chcon -R --reference /opt /opt or chcon -R --reference /opt/sub1 /opt I give a brief explanation of SELinux on one of my blog posts. http://systemnotesorg.blogspot.com/2007/05/rhce-study-notes-http.html - scottm -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gus Wirth Sent: Thursday, January 17, 2008 11:22 AM To: Main Discussion List for KPLUG Subject: selinux problems with /opt I have a stock install of Fedora 8. There were some programs I had that wanted to use /opt, but I didn't want to set up a /opt directory so instead I created /usr/opt and then symlinked /opt to that. Now every time I do something that causes selinux to be activated, like boot the system, I get the following message: /etc/selinux/targeted/contexts/files/file_contexts: Multiple different specifications for /opt (system_u:object_r:home_root_t:s0 and system_u:object_r:usr_t:s0). I've looked at the file_contexts file and don't see any conflicting rules [1]. A while back I posted about having a problem with sshd and selinux and I think that trying to troubleshoot that problem caused this problem. Any hints on where to start poking around? Since I'm not seeing any conflicts in the text policy file I'm thinking there must be some compiled ruleset somewhere that has a differing policy. Gus [1] The file_contexts file is disorganized. To check it for conflicting entries I had to grep for /opt and then sort it. -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
