After a yum update, my nfs server stopped working. I tracked this down to /var/lib/rpcbind/ containing mislabelled files. (15:14:46:root@gelk:lib)# ll rpcbind/ -Z -rw------- rpc root system_u:object_r:var_lib_t portmap.file -rw------- rpc root system_u:object_r:var_lib_t rpcbind.file (15:14:48:root@gelk:lib)# restorecon rpcbind/* (15:14:58:root@gelk:lib)# ll rpcbind/ -Z -rw------- rpc root system_u:object_r:rpcbind_var_lib_t portmap.file -rw------- rpc root system_u:object_r:rpcbind_var_lib_t rpcbind.file I'm not sure if this a problem with the policy or rpcbind doing something wrong.
How was the /var/lib/rpcbind directory created? If it is part of the package as it is in Rawhide, then it would be labeled correctly. Did you remove the directory?
This rpcbind spec file creates /var/lib/rpcbind when the package is installed and removed when the packages is erased.
RIght this would label the directory correctly. So I surmise that someone or some package removed the directory and recreated it, causing the directory to get the file context of it's parent.
not guilty! I've no idea what caused it to lose its label. This box has run f8 the whole time, and hasn't been booted with selinux=0 at all. seems to be labelled correctly after removing/reinstalling the package anyway. spooky.