Fedora Linux Support Community & Resources Center
Old 27th May 2012, 02:44 PM
BillGradwohl Offline
Registered User
Join Date: Feb 2009
Location: Island of Roatan in the Caribbean
Posts: 263
rsync & selinux

I keep getting an SElinux alert on a specific file ( S.gpg-agent ) that I believe I have excluded via the rsync.conf.

The file actually exists at /root/.gnupg/S.gpg-agent

Attached is a screen shot of the message. Below is the line in the rsync.conf that I believe should be telling rsync not to process it.

filter=- / - *.tmp - *~ - *.bak - *.part - S.gpg-agent \

But then I do also say the following
+ /root/ - /root/.icedteaplugin/ + /root/*** \

so I'm not sure how rsync views a situation where I exclude it with a somewhat specific exclude ( - S.gpg.agent ) but then include it with a less specific include (+ /root/*** ).

I'm not sure at what point selinux gets involved exactly. If rsync just gets a directory listing and that file is included, does that trigger the alert (I doubt it) or does rsync have to try to get specific statistics on that file (probably)?

So, I'm not sure if my rsync spec is wrong or if rsync is trying to get info on a file (This is actually a socket) that its been told to ignore. Are the filter specs position dependant? Should I be including all of root and THEN excluding the file? Does the order of the specs mean anything?

Also, in general, why would rsync want to process a socket? I see no point in it ever touching sockets, so why isn't there an option to exclude all sockets? I've been thru man rsync and can't see any way of excluding a type of file, namely a socket.

Anyone have any ideas?
Attached Thumbnails
Click image for larger version

Name:	sealert.png
Views:	95
Size:	28.1 KB
ID:	23128  
Reply With Quote

rsync, selinux

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
selinux: hand tweaking policieand yum selinux-policy updates: overriden or perserved? mbiggerstaff Security and Privacy 2 20th January 2014 09:52 PM
SELinux how/where labels stored, securing rsync backup chrismurphy Security and Privacy 7 5th February 2012 04:35 PM
rsync & SELinux: software not working samrat_rao Servers & Networking 3 27th February 2009 11:17 PM
Test 3 w7o selinux installed, though lotsa selinux during usage? gafami Fedora Core 2 Test Releases 7 15th May 2004 08:15 AM

Current GMT-time: 06:22 (Wednesday, 23-08-2017)

TopSubscribe to XML RSS for all Threads in all ForumsFedoraForumDotOrg Archive

All trademarks, and forum posts in this site are property of their respective owner(s).
FedoraForum.org is privately owned and is not directly sponsored by the Fedora Project or Red Hat, Inc.

Privacy Policy | Term of Use | Posting Guidelines | Archive | Contact Us | Founding Members

Powered by vBulletin® Copyright ©2000 - 2012, vBulletin Solutions, Inc.

FedoraForum is Powered by RedHat