Mike Hearn wrote:
On Mon, 03 Jan 2005 10:31:13 -0500, Daniel J Walsh wrote:
>The file will get recieve the context of the parent directory. Linker
>is probably running in unconfined_t so it will not any problem.
>
>
ldconfig doesn't though. Hmm.
ldconfig transitions to ldconfig_t and is only allowed to read certain
files.
>You should not have anything marked file_t unless they were
created on a
>machine that was not running
>SELinux. This indicates that you need a relabel.
>
>
They're in my home directory. I did a "make relabel" when I enabled the
targetted policy. Is that not enough?
relabel should have been enough, what kind of file system is your
homedirectory?
>Hopefully, good ideas usually get picked up by other
distributions, of
>course they might not think this is a good idea. :^)
>
>
Yeah this makes it rather hard for 3rd parties to track what's going on
here. Why can this stuff not all be done upstream and just merged with
Fedora at regular intervals?
Because we have a chicken and the egg problem. Upstream does not care
for SELinux until
people start to use it. So why would they put SELinux changes in, if
know one was using SELinux.
Also upstream does not always accept changes from the distros, so either
the distro is forced to
carry that patch or drop the functionality.
> Of course you could say that generally about differences between
>distributions.
>
>
I could, and I do. It's a major pain for all concerned.
thanks -mike
--
fedora-selinux-list mailing list
fedora-selinux-list(a)redhat.com
http://www.redhat.com/mailman/listinfo/fedora-selinux-list