Fwd: constraining an app in targeted policy

[Benjamin Youngdahl]

Oops, forgot to CC the list in case anyone was curious on the specifics of
the resolution.

---------- Forwarded message ----------
From: Benjamin Youngdahl <ben.youngdahl at gmail.com>
Date: Dec 20, 2005 1:23 PM
Subject: Re: constraining an app in targeted policy
To: Daniel J Walsh <dwalsh at redhat.com>

Here you go -- was in a previous post but not the follow up that had the
".fc".

The problem was solved by a reboot.  Stephen has helped me see that it may
have been caused by an unload that I did of the module.  I thought (and am
still pretty sure) that I relabeled the files after the unload/reinstall of
the module, because I saw they had their context reset, but I may have
botched that step.

It's all working now, and I greatly appreciate the assistance of everyone.
Have a great Holidays; I know I will, writing policy modules :)

Ben

-----

policy_module(bentest,1.0.4)

############################## ##########
#
# Declarations
#

# Private type declarations
type bentest_t;
domain_type(bentest_t)
domain_auto_trans(unconfined_t,bentest_exec_t,bentest_t)
role system_r types bentest_t;

type bentest_exec_t;
domain_entry_file(bentest_t,bentest_exec_t)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20051220/d9dc7a21/attachment.htm>