Where should an RPM install .te/.fc files?
Russell Coker
russell at coker.com.au
Wed Jun 16 04:50:14 UTC 2004
On Wed, 16 Jun 2004 10:56, "W. Michael Petullo" <mike at flyn.org> wrote:
> I maintain an RPM that installs .te and .fc files. In the past,
> contributing to the system's SELinux policy could be done by installing
> files in /etc/security/selinux/src/policy (I'm not sure this is right
> to begin with):
>
> %policy %{_sysconfdir}/security/selinux/src/policy/macros/
> pam_mount_macros.te
> However, now policies may be in /etc/selinux/strict/src/policy/ or /
> etc/selinux/targeted/src/policy/. It is also possible that only one of
> these directories exists.
I don't think that your macros file fits in with the targetted policy, and I
think that the general aims of the targetted policy don't involve that sort
of thing (but this hasn't been considered much so far).
It's probably best to install the files under only the strict directory.
It is also possible that only one of those directories exists.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
More information about the selinux
mailing list