making a file context change work for initrc_t and unconfined_t
Dominick Grift
dominick.grift at gmail.com
Sat Feb 4 18:11:52 UTC 2012
On Sat, 2012-02-04 at 11:01 -0500, Maria Iano wrote:
>
> Some of the additional file contexts were missing. I've added them to
> the patch file. I've also attached my te and fc files. Please note, my
> new diff compared directory trees that were different from yours. Here
> a line from the updated patch that shows what I'm talking about:
>
> diff --git a/current/policy/modules/services/likewise.fc b/new/policy/
> modules/services/likewise.fc
>
> Thanks!
> Maria
Yes i see some minor differences, for example you have a likewise init
script and have the ps store lock file in /var/lib rather than /etc.
There was another change that i suggested with regard to escaped
characters but after thinking about that i do not think that was needed
after all (i was confused about the path differences)
Attached is a modified patch:
I would like a Fedora maintainer to have a look (ACK) at it before i
consider to commit this to the git repository. I am especially unsure
about entries like these i added:
/var/lib/likewise(-open)?(/.*)?
gen_context(system_u:object_r:likewise_var_lib_t,s0)
Not sure if those regular expressions will work.
Also i think it would be even better if someone could test this once
more from scratch (e.g. with a totally clean /var/lib) to see whether
all objects are created with the proper types.
And then also to see whether all file context specifications are proper
now.
Thanks for your help
More information about the selinux
mailing list