SELinux and Shorewall with IPSets
Mr Dash Four
mr.dash.four at googlemail.com
Wed Jun 30 21:09:11 UTC 2010
>>> this is what i committed to my branch that might fix that:
>>>
>>> ------------------------ policy/modules/apps/livecd.te
>>> ------------------------
>>> index 4e69cdf..5d1084a 100644
>>> @@ -23,7 +23,7 @@
>>>
>>> domain_ptrace_all_domains(livecd_t)
>>>
>>> -seutil_domtrans_setfiles_mac(livecd_t)
>>> +seutil_run_setfiles_mac(livecd_t, system_r)
>>>
>>> manage_dirs_pattern(livecd_t, livecd_tmp_t, livecd_tmp_t)
>>> manage_files_pattern(livecd_t, livecd_tmp_t, livecd_tmp_t)
>>>
>>>
>>>
>> Do I save this as ~/rpmbuld/SOURCES/DG-SELinux.patch and then apply it
>> to my custom selinux-policy?
>>
>
> Replace it manually. Because that isnt a proper patch.
>
> open policy/modules/apps/livecd.te. find
> seutil_domtrans_setfiles_mac(livecd_t) and replace it by
> seutil_run_setfiles_mac(livecd_t, system_r)
>
I presume this will be for the development machine (the one I am using
to create the image) as on the image itself livecd is not used at all
and is not needed. Is that correct? If so, I presume I need to compile
and install my own custom policy and replace it with the 'stock' version
- is that right?
More information about the selinux
mailing list