Re: Conflict between local module and local fcontext

From: "Robin Lee Powell" <rlpowell(a)digitalkingdom.org&gt; To: selinux(a)lists.fedoraproject.org Sent: Monday, July 27, 2015 6:05:51 PM Subject: Conflict between local module and local fcontext So I have a custom module that includes: type lojban_logger_t; type lojban_logger_exec_t; application_domain( lojban_logger_t, lojban_logger_exec_t) init_daemon_domain(lojban_logger_t, lojban_logger_exec_t) (not sure if those are redundant?) and: /srv/lojban/irclogs(/.*)? system_u:object_r:lojban_logger_t:s0 I've made a variety of changes with "semodule fcontext", including: /srv/lojban system_u:object_r:httpd_user_content_t:s0 /srv/lojban(/.*)? system_u:object_r:httpd_user_content_t:s0 As a result, the changes in my module are ignored, and the files end up with httpd_user_content_t So I tried: $ sudo semanage fcontext -a -t lojban_logger_t '/srv/lojban/irclogs(/.*)?' ValueError: Type lojban_logger_t is invalid, must be a file or device type Uhh. I guess this means that the custom module's types can't be seen by semanage? So, what's the correct solution here?

-- http://intelligence.org/ : Our last, best hope for a fantastic future. .i ko na cpedu lo nu stidi vau loi jbopre .i dafsku lu na go'i li'u .e lu go'i li'u .i ji'a go'i lu na'e go'i li'u .e lu go'i na'i li'u .e lu no'e go'i li'u .e lu to'e go'i li'u .e lu lo mamta be do cu sofybakni li'u -- selinux mailing list selinux(a)lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux