-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 07/10/2013 12:36 PM, Eric Chennells wrote:
Hello,
I must be missing something in my understanding of selinux but I'm having
problem where the root user can not change the selinux type of a directory.
I am running in targeted mode.
I was experimenting and changed the type of /tmp/bah to "unconfined_t". I
am now unable to either delete the directory or to change the type back to
"tmp_t "
chcon -R -t tmp_t /tmp/bah/
Results in:
chcon: failed to change context of `/tmp/bah/' to
`unconfined_u:object_r:tmp_t:s0': Permission denied
Audit2allow is suggesting "allow unconfined_t self:dir relabelfrom;" but
I don't want to apply that because it seems that would allow all
unconfined files/processes to relabel themselves, is that correct?
Thanks for any tips.
Eric
Notice of Confidentiality: The information transmitted is intended only for
the person or entity to which it is addressed and may contain confidential
and/or privileged material. Any review, re-transmission, dissemination or
other use of or taking of any action in reliance upon this information by
persons or entities other than the intended recipient is prohibited. If you
received this in error please contact the sender immediately by return
electronic transmission and then immediately delete this transmission
including all attachments without copying, distributing or disclosing the
same.
-- selinux mailing list selinux(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
I had written a blog on this previously.
http://danwalsh.livejournal.com/54803.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird -
http://www.enigmail.net/
iEYEARECAAYFAlHd1xEACgkQrlYvE4MpobPVVACg0AqFoNGCnnoqSSEfJeCL1K8A
9MMAn1/gxYBYVbEW7KVBV0txHxz7sIwj
=ASei
-----END PGP SIGNATURE-----