Description of problem: Cannot set SELinux label for eclipse from off. site. Version-Release number of selected component (if applicable): How reproducible: Download eclipse from official site (eg. Classic). Unpack to /opt. Set java_exec_t label for eclipse executable. It resets to bin_t Steps to Reproduce: 1.semanage fcontext -a -t java_exec_t -f -- '/opt/eclipse/eclipse' 2.restorecon -v /opt/eclipse/eclipse Actual results: ls -Z /opt/eclipse/eclipse system_u:object_r:bin_t:s0 /opt/eclipse/eclipse Expected results: ls -Z /opt/eclipse/eclipse system_u:object_r:java_exec_t:s0 /opt/eclipse/eclipse Additional info: I know about Fedora Eclipse and use it at work in a multiuser environment, but there is some need to use the official version at home. For I began to use it since 2009, on a Slackware Linux. So when I'd switched to Fedora it was easier to continue with official version. Also neither Fedora nor official Eclipse could work with Sun or Oracle Java without this label. I use self-made RPMS for Java that are based on Paul Howarth's from http://www.city-fan.org/tips/SunJava6OnFedora and http://www.city-fan.org/tips/OracleJava7OnFedora. I have doubts about which component is responsible for such SELinux behavior, so I've specified policycoreutils.
This is expected. We use java policy no longer. We define type bin_t alias { java_exec_t }; which is a reason why you get bin_t.
Thank you. Now I see.