Hi,

I have two problem want to fix.

Firstly,

[root@localhost tmp]# mkdir test
[root@localhost tmp]# ls -dZ test
drwxr-xr-x. root root unconfined_u:object_r:user_tmp_t:s0 test
[root@localhost tmp]# semanage fcontext -a -t samba_share_t "/tmp/test(/.*)?"
[root@localhost tmp]# restorecon -R -v /tmp/test/
restorecon reset /tmp/test context unconfined_u:object_r:user_tmp_t:s0->system_u:object_r:samba_share_t:s0
[root@localhost tmp]# ls -dZ test
drwxr-xr-x. root root system_u:object_r:samba_share_t:s0 test
------------------------------------------------------------------
When I tried to delete the type, an error happened.
[root@localhost tmp]# semanage fcontext -d /tmp/test/
Can't create lock file '/var/cache/abrt/pyhook-1287493825-3446.lock': Permission denied
Traceback (most recent call last):
  File "/usr/sbin/semanage", line 501, in <module>
    process_args(sys.argv[1:])
  File "/usr/sbin/semanage", line 437, in process_args
    OBJECT.delete(target, ftype)
  File "/usr/lib/python2.6/site-packages/seobject.py", line 1623, in delete
    self.__delete( target, ftype)
  File "/usr/lib/python2.6/site-packages/seobject.py", line 1594, in __delete
    if target in self.equiv.keys():
AttributeError: fcontextRecords instance has no attribute 'equiv'


And I have searched from Google, there is a bug has been reported. So I update it to the latest selinux-policy. The error still. How should I do?

Secondly,
   I have read the document which resided on fedora site. I have a question.
We can change the type or the domain of a file or process which can let us pass through the check of se-linux.
And we also can write a policy file to pass through se-linux.

   These two methods are the same destination? If so, which one is better when we try to use and why?
If not, Please give me some suggestion about the difference and when we should to use for them?
  

Thanks & Best Regards,
Su Heng