[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: File contexts again

From: Stephen Smalley <sds tycho nsa gov>
To: Christopher Ashworth <cashworth tresys com>
Cc: fedora-selinux-list redhat com
Subject: Re: File contexts again
Date: Wed, 31 May 2006 13:05:47 -0400

On Wed, 2006-05-31 at 12:54 -0400, Christopher Ashworth wrote:
> On Wed, 2006-05-31 at 17:50 +0100, Paul Howarth wrote:
> > Hmm, that doesn't explain why file contexts that aren't regexes do 
> > actually work. So if I have:
> > 
> > /home/pgsql/pgstartup\.log      -- 
> > gen_context(system_u:object_r:postgresql_log_t,s0)
> > 
> > this actually works as expected, even though the /home/[^/]*/.+
> > homedir context also matches.
> 
> Ah, true.  I forgot you had said that this behavior was occurring.  It
> seems I have misremembered what is happening.  Let me look again to
> confirm what's going on.

libselinux gives precedence to fully specified pathnames (no regex
characters).  Doesn't matter where they fall within the config files.

-- 
Stephen Smalley
National Security Agency

Follow-Ups:
- Re: File contexts again
  - From: Christopher Ashworth

References:
- File contexts again
  - From: Paul Howarth
- Re: File contexts again
  - From: Christopher Ashworth
- Re: File contexts again
  - From: Paul Howarth
- Re: File contexts again
  - From: Christopher Ashworth
- Re: File contexts again
  - From: Paul Howarth
- Re: File contexts again
  - From: Christopher Ashworth

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]