Hello, I'm backing up a Red Hat Enterprise Linux 4 with enabled SELinux support. It seems that SELinux "security contexts" for files aren't backed up by rdiff-backup.
I tought that SELinux's security contexts were implemented by extended attributes (and that rdiff-backup would therefore be able to record them), but - well, rdiff-backup doesn't seem to store them, even when doing filesystem-to-filesystem backups on the same file system (no network in-between). The file system is ext3, and the "Filesystem features" row of tune2fs output claims "ext_attr" (among other things). However, strangely, this doesn't work: cd /var/test touch foo setfattr -u bar -v baz foo Error message: "setfattr: foo: Operation not supported". And "getfattr foo" simply shows nothing for the file. However, "ls -lZ foo" yields: -rw-r--r-- root root root:object_r:var_lib_t foo - so the file certainly has a security context. strace'ing on "ls -lZ foo" shows calls to getxattr and lgetxattr (can't find any man pages on these functions). So something "fishy" is going on; probably a strange interaction between SELinux and the "normal" was of obtaining file extended attributes. It even seems that two different types of file extended attributes exist: user extended attributes, and system extended attributes. Hmm. I'm thinking: rdiff-backup could probably somehow be modified to obtain SELinux security contexts. Gentoo seems to have a python-selinux package, but I can't find it elsewhere. If I find out which c library has getxattr()/lgetxattr(): Is it possible for rdiff-backup to issue c library functions, without having a python-selinux layer installed? -- Greetings from Troels Arvin _______________________________________________ rdiff-backup-users mailing list at [email protected] http://lists.nongnu.org/mailman/listinfo/rdiff-backup-users Wiki URL: http://rdiff-backup.solutionsfirst.com.au/index.php/RdiffBackupWiki
