[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: What is the proper context for .strigi?
- From: Stephen Smalley <sds tycho nsa gov>
- To: Paul Howarth <paul city-fan org>
- Cc: For users of Fedora-Selinux <fedora-selinux-list redhat com>
- Subject: Re: What is the proper context for .strigi?
- Date: Mon, 16 Jun 2008 12:18:44 -0400
On Mon, 2008-06-16 at 16:51 +0100, Paul Howarth wrote:
> Daniel B. Thurman wrote:
> > I have run into a problem of limted space for .strigi
> > which was located in my home directory, so I decided
> > to move ~/.strigi to another partition with ample space
> > and created a symbolic link from ~/.strigi to the new
> > location on a different partition.
> >
> > Selinux is reporting:
> > SELinux is preventing strigidaemon (unconfined_t) "mmap_zero" to
> > <Unknown> (unconfined_t).
> >
> > So, what is the proper context for .strigi and all of the files/directories
> > contained within?
>
> You'll find that bind mounts work much better than symlinks from an
> SELinux point of view.
>
> This reminds me to ask though, where is homedir_template as used by
> genhomedircon now? I can't find it in Fedora 9 and anything I've tried
> editing that looks like it might be it gets overwritten when I run
> genhomedircon.
genhomedircon functionality was taken into libsemanage in order to
address various problems with the external implementation, and
homedir_template is generated (from template entries in the .fc files)
and used within the module sandbox, not made externally accessible.
/usr/sbin/genhomedircon is now just a script that invokes semodule -Bn
to regenerate the policy.
--
Stephen Smalley
National Security Agency
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]