How to make SELinux file context permanent?
Gérard Milmeister
gemi at bluewin.ch
Mon Apr 3 23:50:33 UTC 2006
On Mon, 2006-04-03 at 19:22 -0400, Ignacio Vazquez-Abrams wrote:
> In FC5 it's to create a policy module and load it during %post.
Ok let's say I have to do the following:
semanage fcontext -a -t textrel_shlib_t
'/usr/lib/xorg/modules/extensions/nvidia/.*\.so(\.[^/]*)*'
which is necessary for prop. nvidia glx from livna to work.
1. How do I create a module from this?
2. What do I package with the RPM, and where should I put it (location
in the filesystem)?
3. What do I do in %post?
I presume the module is loaded in %post, and unloaded in %postun.
4. Does the module survive a policy update?
Maybe one could put a tutorial together for packagers.
--
Gérard Milmeister
Langackerstrasse 49
CH-8057 Zürich
More information about the fedora-extras-list
mailing list