Stephen Smalley wrote:
On Thu, 2005-01-06 at 10:16, Daniel J Walsh wrote:
>Stephen Smalley wrote:
>
>
>>I'm not clear on why ldconfig runs in its own domain at all under
>>targeted policy (vs. unconfined_t). It used to just run unconfined_t in
>>older versions of the targeted policy. Is it an attempt to preserve the
>>type on /etc/ld.so.cache via the file type transition rules?
>>
>>
>>
>>
>>
>Yes.
>
>
Ok, so why not just add an unconfined_domain(ldconfig_t) to
unconfined.te in the targeted policy, so that ldconfig will still have
the file type transition rule but will be unrestricted there.
I have done that.