On Thu, 2005-06-16 at 15:19 -0400, Security News wrote:
I have just put my custom policy on a text box with the sources
included. I put the sources under /etc/selinux/dan_policy/
I still have the strict source files in the /etc/selinux directory,
but I have updated /etc/selinux/config to load the "dan_policy"
Now my problem is that when I update the source files and try to "make
relabel" or "fixfiles" both programs run the file contexts from the
How do I get these programs to run my own file_context files under
You shouldn't need sources to relabel; relabeling is based on the
installed /etc/selinux/$SELINUXTYPE/contexts/files/file_contexts* files.
And SELINUXTYPE is read from /etc/selinux/config. I'm a little confused
by your description above; /etc/selinux/dan_policy should be a complete
policy tree, i.e. /etc/selinux/dan_policy/policy/policy.NN would be the
installed binary policy
file, /etc/selinux/dan_policy/contexts/files/file_contexts would be the
file contexts configuration, and if you happen to install sources (which
aren't needed), they would go under /etc/selinux/dan_policy/src/policy.
Just like the strict or targeted policies.
National Security Agency