Conflict between local module and local fcontext

Robin Lee Powell rlpowell at digitalkingdom.org
Mon Jul 27 22:05:51 UTC 2015


So I have a custom module that includes:

  type lojban_logger_t;
  type lojban_logger_exec_t;
  
  application_domain(lojban_logger_t, lojban_logger_exec_t)
  init_daemon_domain(lojban_logger_t, lojban_logger_exec_t)

(not sure if those are redundant?) and:

  /srv/lojban/irclogs(/.*)?      system_u:object_r:lojban_logger_t:s0

I've made a variety of changes with "semodule fcontext", including:

  /srv/lojban    system_u:object_r:httpd_user_content_t:s0
  /srv/lojban(/.*)?    system_u:object_r:httpd_user_content_t:s0

As a result, the changes in my module are ignored, and the files
end up with httpd_user_content_t.

So I tried:

  $ sudo semanage fcontext -a -t lojban_logger_t '/srv/lojban/irclogs(/.*)?'
  ValueError: Type lojban_logger_t is invalid, must be a file or device type

Uhh.

I guess this means that the custom module's types can't be seen by
semanage?

So, what's the correct solution here?

-- 
http://intelligence.org/ :  Our last, best hope for a fantastic future.
.i ko na cpedu lo nu stidi vau loi jbopre .i dafsku lu na go'i li'u .e
lu go'i li'u .i ji'a go'i lu na'e go'i li'u .e lu go'i na'i li'u .e
lu no'e go'i li'u .e lu to'e go'i li'u .e lu lo mamta be do cu sofybakni li'u
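
Added example, not part of the original post: the semanage error says the type must be a file or device type, and lojban_logger_t is declared in the post only as a process domain. The sketch below gives the log tree its own file type; the type name lojban_logger_log_t, the module name and version, and the access granted to the daemon are assumptions.

```selinux
# lojban_logger.te  (module name and version are assumptions)
policy_module(lojban_logger, 1.0.1)

# Process domain and its entry-point executable, as declared in the post.
type lojban_logger_t;
type lojban_logger_exec_t;
application_domain(lojban_logger_t, lojban_logger_exec_t)
init_daemon_domain(lojban_logger_t, lojban_logger_exec_t)

# Hypothetical separate type for the log files. files_type() assigns the
# file_type attribute, so the type can be used in a file context.
type lojban_logger_log_t;
files_type(lojban_logger_log_t)

# Let the daemon create and write its logs (access level is an assumption).
manage_dirs_pattern(lojban_logger_t, lojban_logger_log_t, lojban_logger_log_t)
manage_files_pattern(lojban_logger_t, lojban_logger_log_t, lojban_logger_log_t)

# lojban_logger.fc
# Label the log tree with the file type rather than the domain type.
/srv/lojban/irclogs(/.*)?      system_u:object_r:lojban_logger_log_t:s0
```

With a module like this loaded, the semanage fcontext command from the post can name lojban_logger_log_t for '/srv/lojban/irclogs(/.*)?', because that type carries the file_type attribute.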

