On Thu, 2005-07-28 at 17:00 +0100, Tim Waugh wrote:
As I mentioned before, the previous behaviour had been to create a new file and rename it over the old file, and the SELinux policy does not seem to allow that. Can you clarify what the correct procedure is for system tools that want to write configuration files for running daemons?
So, what precisely is the problem with allowing it to create a new file and rename it over the old file? While using a file type transition to put the new file into the correct type or modifying the program to use setfscreatecon() to explicitly label it with the correct type?