How to make SELinux file context permanent?
Ignacio Vazquez-Abrams
ivazquez at ivazquez.net
Mon Apr 3 23:22:00 UTC 2006
On Mon, 2006-04-03 at 23:30 +0200, Gérard Milmeister wrote:
> I have two packages, gcl and ecl, lisp compilers, that
> need a context change of some binaries from
> system_u:object_r:lib_t
> to
> system_u:object_r:textrel_shlib_t
> These files reside in subdirectories of /usr/lib. Is it
> possible to set context during RPM creation?
> In any case, the changes are not permament, because after
> a relabeling (or restorecon) of the filesystem, the context
> reverts to the default.
> What is the least painless way to do this correctly?
In FC5 it's to create a policy module and load it during %post. In FC4
it's to file a bug against selinux-policy-targeted.
http://sepolicy-server.sourceforge.net/index.php?page=module-overview
http://fedora.redhat.com/docs/selinux-faq-fc5/
--
Ignacio Vazquez-Abrams <ivazquez at ivazquez.net>
http://fedora.ivazquez.net/
gpg --keyserver hkp://subkeys.pgp.net --recv-key 38028b72
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 191 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-extras-list/attachments/20060403/140e5b92/attachment.sig>
More information about the fedora-extras-list
mailing list