Red Hat Bugzilla – Bug 304171
rsync does not carry selinux security context across transfer
Last modified: 2010-10-22 14:55:30 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; AT&T CSM8.0; InfoPath.1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 1.1.4322)
Description of problem:
I'm using rsync to synchronize customer account files across multiple WEB servers. It copies files fine. The problem is that it does not maintain the selinux security context of these files which causes application access problems.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1.Create a file or files with other than default security context on the source machine.
2. run rsync -avz sourcedir rsync://destmachine/module
3. run ls -lZ on destination files.
Security context of the files on the remote machine after transfer reverted to default values.
All files should have retained the security context they were set to on the source machine.
I have over 150 customers with each customer directory structure having almost 3000 files (not all with same security context), so rsync would seem to be the only logical method for keeping all the customer files updated by only distributing those files that have changed (or their differences) across the LAN in a timely fashion with minimal overhead. I need this to use an rsync daemon on the remote WEB servers, so no root login is required. I prefer to not have to run any backend script to correct the context after the fact (due to number of files and additional manhours required). There is an open trouble ticket on this problem. It is 1768828.
Richard, to carry over SELinux labels rsync need to support syncing extended
We have this in RHEL5 (-X option) but not in RHEL4.
I will see if we can address this in an update.
Development Management has reviewed and declined this request. You may appeal
this decision by reopening this request.