using tmpfs for /tmp and selinux

Bill Nottingham notting at redhat.com
Fri Mar 25 17:56:03 UTC 2005


Stephen Smalley (sds at tycho.nsa.gov) said: 
> > in which file should I add this?
> 
> After further discussion on selinux list, it looks like Dan is going to
> take a different approach and not use a fscontext= or context= mount.
> Instead, he is just adding a 'restorecon /tmp' line
> to /etc/rc.d/rc.sysinit so that it will get relabeled to tmp_t at that
> time, and Dan recently added the following to the policy:
> 	allow tmpfile tmpfs_t:filesystem associate;

A question: why don't mounts normally inherit the context of the
directory where they're mounted in cases like these?

Bill



