On Fri, 2006-04-14 at 17:22 +0200, Aurelien Bompard wrote:
Stephen Smalley wrote:
> Looks like the type isn't getting preserved
> on /etc/selinux/$SELINUXTYPE/modules/{active,previous} upon updates -
> they are reverting from semanage_store_t to selinux_config_t (the type
> on their parent directory. We either need to put semanage_store_t
> on /etc/selinux/$SELINUXTYPE/modules as well or we need to make
> libsemanage preserve the types.
OK, so it's something to fix at the main policy level, right (I can't do
anything about it) ?
Correct. You can restorecon -R /etc/selinux/targeted to temporarily fix
it, but it will keep reverting on each transaction. chcon -t
semanage_store_t /etc/selinux/targeted/modules may solve the problem
with keeping the type on the active and previous subdirectories, but
ultimately needs to be applied in the policy.
# rpm -q selinux-policy-targeted
selinux-policy-targeted-2.2.29-3.fc5
Aurélien
--
Stephen Smalley
National Security Agency