I keep getting an SElinux alert on a specific file ( S.gpg-agent ) that I believe I have excluded via the rsync.conf.
The file actually exists at /root/.gnupg/S.gpg-agent
Attached is a screen shot of the message. Below is the line in the rsync.conf that I believe should be telling rsync not to process it.
filter=- / - *.tmp - *~ - *.bak - *.part - S.gpg-agent \
But then I do also say the following
+ /root/ - /root/.icedteaplugin/ + /root/*** \
so I'm not sure how rsync views a situation where I exclude it with a somewhat specific exclude ( - S.gpg.agent ) but then include it with a less specific include (+ /root/*** ).
I'm not sure at what point selinux gets involved exactly. If rsync just gets a directory listing and that file is included, does that trigger the alert (I doubt it) or does rsync have to try to get specific statistics on that file (probably)?
So, I'm not sure if my rsync spec is wrong or if rsync is trying to get info on a file (This is actually a socket) that its been told to ignore. Are the filter specs position dependant? Should I be including all of root and THEN excluding the file? Does the order of the specs mean anything?
Also, in general, why would rsync want to process a socket? I see no point in it ever touching sockets, so why isn't there an option to exclude all sockets? I've been thru man rsync and can't see any way of excluding a type of file, namely a socket.
Anyone have any ideas?
Linear Mode
