idea: customizable_types.local
Dominick Grift
domg472 at gmail.com
Tue Nov 10 21:05:59 UTC 2009
Now we have restorecond -u running and it can be a pain. especially for
people that write their own custom modules.
for example i have a backup script that can write anywhere in
user_home_t. be it ~ or ~/Downloads.
It write the backups with a special type, But restorecond -u resets it
to user_home_t even before its finished writing ;)
Here comes customizable_types in. This can be used to add the type to it
so that restorecond -u doesnt try to reset it.
Thats cool, but what if you update your selinux policy? will
customizable_types be overwritten? Maybe it would be good to have a
customizable_types.local so that you can add your customizable types
there and not have to worry about policy updates or restorecond -u.
What do you think about this idea?
More information about the fedora-selinux-list
mailing list