[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Tip: SELinux Context on Installed Files



Hi all, 

Here's a tip for anyone wanting to include an SELinux policy module in a custom set of packages:

If the packages you are adding to the distro require your policy module at install time (e.g. so that directories to be used through Samba are installed with samba_share_t context), you need to get Anaconda to load your policy module into the install environment.  Simply installing your policy with the rest of your packages is not enough: the packages will not be installed with contexts from your policy.  Edit /usr/lib/anaconda-runtime/upd-instroot, and add your policy module to the PACKAGES variable.  Then run buildinstall to update your install image.  Now Anaconda will have access to your policy, and set the correct contexts when your packages are installed.


Moray.
"To err is human.  To purr, feline"



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]