[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Add SELinux protection to Pure-FTPd

From: Stephen Smalley <sds tycho nsa gov>
To: Aurelien Bompard <gauret free fr>
Cc: fedora-selinux-list redhat com
Subject: Re: Add SELinux protection to Pure-FTPd
Date: Fri, 14 Apr 2006 11:35:24 -0400

On Fri, 2006-04-14 at 17:22 +0200, Aurelien Bompard wrote:
> Stephen Smalley wrote:
> > Looks like the type isn't getting preserved
> > on /etc/selinux/$SELINUXTYPE/modules/{active,previous} upon updates -
> > they are reverting from semanage_store_t to selinux_config_t (the type
> > on their parent directory.  We either need to put semanage_store_t
> > on /etc/selinux/$SELINUXTYPE/modules as well or we need to make
> > libsemanage preserve the types.
> 
> OK, so it's something to fix at the main policy level, right (I can't do
> anything about it) ?

Correct.  You can restorecon -R /etc/selinux/targeted to temporarily fix
it, but it will keep reverting on each transaction.  chcon -t
semanage_store_t /etc/selinux/targeted/modules may solve the problem
with keeping the type on the active and previous subdirectories, but
ultimately needs to be applied in the policy.  

> 
> # rpm -q selinux-policy-targeted
> selinux-policy-targeted-2.2.29-3.fc5
> 
> 
> Aurélien
-- 
Stephen Smalley
National Security Agency

References:
- Add SELinux protection to Pure-FTPd
  - From: Aurelien Bompard
- Re: Add SELinux protection to Pure-FTPd
  - From: Stephen Smalley
- Re: Add SELinux protection to Pure-FTPd
  - From: Aurelien Bompard
- Re: Add SELinux protection to Pure-FTPd
  - From: Stephen Smalley
- Re: Add SELinux protection to Pure-FTPd
  - From: Aurelien Bompard

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]