-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 07/26/2011 09:53 AM, Michael Atighetchi wrote:
Hi Daniel,
I'm using sepolgen from policycoreutils-gui-2.0.85-28.fc14.x86_64.
The policy file that I hand modified (and caused the labeling
problems) was attached to the previous email.
Note that sepolgen refuses to generate policies for files that have a
"." in them, which seems like a pretty significant restriction.
Here is the trace:
[proxyuser@lime selinux]$ sepolgen -t 3
/home/proxyuser/trunk/aps-base/crumple-zone/target/runSeed.sh
Name must be alpha numberic with no spaces.
sepolgen [ -m ] [ -t type ] [ executable | Name ] valid Types:
0 Standard Init Daemon 1 DBUS System Daemon 2
Internet Services Daemon 3 User Application 4 Web
Application/Script (CGI) 5 Minimal X Windows User Role 6
Minimal Terminal User Role 7 User Role 8 Admin User Role
10 Root Admin User Role 11 Sandbox [proxyuser@lime
selinux]$
So long Michael
On 7/26/2011 3:04 PM, Daniel J Walsh wrote: On 07/26/2011 06:38 AM,
Michael Atighetchi wrote:
>>> On 7/26/2011 12:29 PM, Dominick Grift wrote:
>>>> On Tue, 2011-07-26 at 12:28 +0200, Michael Atighetchi wrote:
>>>>> One thing I realized using sepolgen is that it reject
>>>>> filenames that have "." in them. In the example below, I
>>>>> was trying to label "runSeed.sh", so maybe the fact that
it
>>>>> has a "." in it broke the labeling ?
>>>> Yes sometimes you need to escape dots
>>>>
>>>> the matchpathcon should expose that
>>> Thanks a bunch - I got things working by removing the "." in
>>> the filename and rerunning sepolgen on the new file.
>>>
>>> Support on this mailing list rocks! Michael
>>>
Could you attach the policy that was generated with the . in the
file name? Also what version of sepolgen were you using?
> -- selinux mailing list selinux(a)lists.fedoraproject.org
>
https://admin.fedoraproject.org/mailman/listinfo/selinux
Try
sepolgen -n runseed -t 3
/home/proxyuser/trunk/aps-base/crumple-zone/target/runSeed.sh
Usage command should mention this field
I will add a patch to output the following
# sepolgen -t 3
/home/proxyuser/trunk/aps-base/crumple-zone/target/runSeed.sh
Name must be alpha numberic with no spaces. Consider using option "-n
MODULENAME"
sepolgen [ -n moduleName ] [ -m ] [ -t type ] [ executable | Name ]
valid Types:
0 Standard Init Daemon
1 DBUS System Daemon
2 Internet Services Daemon
3 User Application
4 Web Application/Script (CGI)
5 Minimal X Windows User Role
6 Minimal Terminal User Role
7 User Role
8 Admin User Role
10 Root Admin User Role
11 Sandbox
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla -
http://enigmail.mozdev.org/
iEYEARECAAYFAk4uyY0ACgkQrlYvE4MpobMpLACeLHFoFlli+cqlCzR8B+q6x8Et
s7IAoMIpRLiPNyoktg1yWe4FMW6GJ8Jn
=eOTQ
-----END PGP SIGNATURE-----