Building a modified selinux source rpm
Daniel J Walsh
dwalsh at redhat.com
Fri Apr 23 12:13:02 UTC 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 04/23/2010 07:15 AM, Alan Rouse wrote:
> I'm trying to get selinux working in a different linux distribution where
> the directory structure differs from the fedora / redhat pattern. I'm
> attempting to use the fedora selinux src rpm as a starting point, but of
> course lots of files are being labelled incorrectly due to the directory
> differences. I can identify the incorrectly labelled files and I know how
> to get them labelled correctly. But I need to be able to make a new source
> rpm based on the fedora selinux src rpm, including the necessary changes, so
> I can distribute and maintain the policy over time.
>
> I can execute "rpmbuild -bp SPECS/selinux-policy.spec" to generate the
> fedora patched policy source in the BUILD directory. Then I can make my
> changes there. But I need to be able to regenerate the src rpm including
> those changes. And I need to be able to maintain this over time as the
> reference policy evolves, by dropping in a new reference policy tgz and
> regenerating the patch files. Surely there's a better way than "vi
> policy-F12.patch"!
>
> I presume there are tools / scripts / instructions to help with this. Can
> someone point me in the right direction?
>
> Thanks!
>
>
>
> --
> selinux mailing list
> selinux at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
If the alternative labels are fairly simple, why not set up file context
equivalence?
semanage fcontext -a -e -t /home /myhome
semanage fcontext -a -e -t /var/www /src/myweb
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkvRjs4ACgkQrlYvE4MpobMOSQCgp/ujmOYczfpHjFIcp24Xhnnz
/OoAoKwL84Ne1PdoIdMIHYKqJ0wjIKkr
=odVL
-----END PGP SIGNATURE-----
More information about the selinux
mailing list