ls -Z shows question mark
-
- Posts: 16
- Joined: 2013/12/22 20:54:59
- Location: San Jose, California
ls -Z shows question mark
Hello Guys,
I'm not sure whether it is a problem or not, so i would like to get your opinion (and maybe a solution if you have it )
i'm exporting my /home directory to several machines and the folders are looking good.
Where the folder is exported, the commands
ls and ls -lash
return the correct properties (owner, group, name...) and i can successfully read or write in those folders.
but the command
ls -Z
returns "?" instead of showing the contexts.
for example:
ls -lash
drwxr_xr_x paul users 4.0K Jun 26 18:07 paul
and ls -Z
drwxr-xr-x paul users ? paul
But on the local machine (meaning where the directory really is), it shows the correct information:
drwxr-xr-x. paul users system_u:object_r:home_root_t:s0 paul
On all machines, firewall and selinux have been disabled.
my /etc/export contains the options
myfolder mymachine2(rw,sync,no_root_squash)
and my /etc/fstab :
machine1:folder /home nfs rw,hard,intr,bg 0 0
What do you think ?
Thanks a lot for your help !
I'm not sure whether it is a problem or not, so i would like to get your opinion (and maybe a solution if you have it )
i'm exporting my /home directory to several machines and the folders are looking good.
Where the folder is exported, the commands
ls and ls -lash
return the correct properties (owner, group, name...) and i can successfully read or write in those folders.
but the command
ls -Z
returns "?" instead of showing the contexts.
for example:
ls -lash
drwxr_xr_x paul users 4.0K Jun 26 18:07 paul
and ls -Z
drwxr-xr-x paul users ? paul
But on the local machine (meaning where the directory really is), it shows the correct information:
drwxr-xr-x. paul users system_u:object_r:home_root_t:s0 paul
On all machines, firewall and selinux have been disabled.
my /etc/export contains the options
myfolder mymachine2(rw,sync,no_root_squash)
and my /etc/fstab :
machine1:folder /home nfs rw,hard,intr,bg 0 0
What do you think ?
Thanks a lot for your help !
Re: ls -Z shows question mark
Probably because selinux has been disabled and a re-labelling is due.
-
- Posts: 16
- Joined: 2013/12/22 20:54:59
- Location: San Jose, California
Re: ls -Z shows question mark
Hello,
Thanks for your reply, but i did a relabelling (by creating a .autorelabel file and rebooting the computer) but same thing
any other idea ?
Thanks!
Thanks for your reply, but i did a relabelling (by creating a .autorelabel file and rebooting the computer) but same thing
any other idea ?
Thanks!
Re: ls -Z shows question mark
Please post the output of the command sestatus (you need to run this as root).
Re: ls -Z shows question mark
I am having the exactly same problem. Even after forced relabeling there are question marks in the output of the "ls -lZ" command.
Output of the "sestatus" command:
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: enforcing
Policy version: 24
Policy from config file: targeted
Output of the "sestatus" command:
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: enforcing
Policy version: 24
Policy from config file: targeted
Re: ls -Z shows question mark
Are you running this on an NFS mounted filesystem? Are both ends selinux enforced?
Have you re-labeled?
Have you re-labeled?
Re: ls -Z shows question mark
There are no NFS mounts at all, only local file systems, so no other end exists.aks wrote:Are you running this on an NFS mounted filesystem? Are both ends selinux enforced?
Have you re-labeled?
I was re-labeling the system via creating a file /.autorelabel than rebooting, as the "man selinux" says. No effect.
Re: ls -Z shows question mark
They way this works, the data is stored in "extended attributes" of the filesystem. A ? means we can't read and/or understand that data.
Either your SELinux is SERIOUSLY compromised or you have an really bizzare hard disk issue.
Have you been hacked?
Either your SELinux is SERIOUSLY compromised or you have an really bizzare hard disk issue.
Have you been hacked?
Re: ls -Z shows question mark
Thanks for everybody.
I figured out that there is no issue with the Selinux, it just works fine. The problem is with the "ls" program, I am using the "ls" which comes first decided via the PATH shell environment variable, such that it is: /usr/local/bin/ls.
# md5sum /usr/local/bin/ls
845c3e7d36307e4360523ba0d180f956 /usr/local/bin/ls
# sha1sum /usr/local/bin/ls
152bc0b13b0a30e54bf231f9d5e836fe24694f4f /usr/local/bin/ls
#
Is there a database which can tell is it a legitimate but outdated version, or a hacked one?
I figured out that there is no issue with the Selinux, it just works fine. The problem is with the "ls" program, I am using the "ls" which comes first decided via the PATH shell environment variable, such that it is: /usr/local/bin/ls.
# md5sum /usr/local/bin/ls
845c3e7d36307e4360523ba0d180f956 /usr/local/bin/ls
# sha1sum /usr/local/bin/ls
152bc0b13b0a30e54bf231f9d5e836fe24694f4f /usr/local/bin/ls
#
Is there a database which can tell is it a legitimate but outdated version, or a hacked one?
Re: ls -Z shows question mark
CentOS ships nothing at all that lives in /usr/local so that is either suspicious or placed there by someone clueless with root access.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke