fedora policy changes
Russell Coker
russell at coker.com.au
Fri Jun 4 07:27:05 UTC 2004
On Fri, 4 Jun 2004 13:29, Chris Grier <grier at uiuc.edu> wrote:
> > What directory is libdevmapper.so.1.00 in?
>
> Symlinked into /usr/local/lib from
> /usr/local/encap/device-mapper-1.00.17/lib
>
> [chris at localhost chris]$ ls -laZd /usr/local/lib
> drwxr-xr-x+ root root system_u:object_r:lib_t /usr/local/lib
>
> So my next guess is that /usr/local/encap/* is not labeled correctly,
> and this is generating the audits (it IS not labled correctly). I didn't
> think about this since /usr/local/lib is labeled correctly, athough the
> files that encap links in are not. Simple to add this to the file
> contexts though. Thanks.
/usr/local is for non-package stuff. We have a few common directories
from /usr/local in the standard file contexts files for convenience. But if
you do anything serious under /usr/local you have to write your own .fc
entries.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
More information about the fedora-selinux-list
mailing list