Why did we remove it?
Let's look at the comments written in the policy source to describe file_t.
# file_t is the default type of a file that has not yet been
# assigned an extended attribute (EA) value (when using a filesystem
# that supports EAs).
Now lets look at the description of unlabeled_t
# unlabeled_t is the type of unlabeled objects.
# Objects that have no known labeling information or that
# have labels that are no longer valid are treated as having this type.
Notice the conflict.
If a file object does not have a labeled assigned to it, then it would be labeled unlabeled_t. Unless it is on a file system that supports extended attributes then it would be file_t?
I always hated explaining this, and we have finally removed the conflict for future Fedora's. Sadly this change has not been made in RHEL7 or any older RHELs or Fedoras.
We also added a type alias for unlabeled_t to file_t.
Note: Seandroid made this change when the policy was first being written.
One other conflict I would like to fix is that a file with a label that the kernel does not understand, is labeled unlabeled_t. (IE It has a label but it is invalid.) I have argued for having the kernel differentiate the two situations.
- No label -> unlabeled_t
- Invalid Label -> invalid_t.