[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Lower Process Capabilities



On 31/07/09 01:09, Matthew Woehlke wrote:
Bill McGonigle wrote:
What's it going to take to make most
people who shut off SELinux stop doing that?

...being able to install bleeding-edge devel KDE to
/usr/local/my-kde-install and be able to use that as my primary desktop.

I guess that would - at best - take some kind of "smart" auto-labeling
on the first exec of an unlabeled process.

Could probably be done by using file context equivalence and a restorecon run after the build completes:

# semanage fcontext -a -e /usr /usr/local/my-kde-install
# restorecon -rvF /usr/local/my-kde-install

http://danwalsh.livejournal.com/27571.html

Paul.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]