Fixfiles path...
Stephen Smalley
sds at tycho.nsa.gov
Thu Jun 16 19:30:17 UTC 2005
On Thu, 2005-06-16 at 15:19 -0400, Security News wrote:
> I have just put my custom policy on a text box with the sources
> included. I put the sources under /etc/selinux/dan_policy/
> I still have the strict source files in the /etc/selinux directory,
> but I have updated /etc/selinux/config to load the "dan_policy"
>
> Now my problem is that when I update the source files and try to "make
> relabel" or "fixfiles" both programs run the file contexts from the
> STRICT directory.
>
> How do I get these programs to run my own file_context files under
> /etc/selinux/dan_policy/...?
You shouldn't need sources to relabel; relabeling is based on the
installed /etc/selinux/$SELINUXTYPE/contexts/files/file_contexts* files.
And SELINUXTYPE is read from /etc/selinux/config. I'm a little confused
by your description above; /etc/selinux/dan_policy should be a complete
policy tree, i.e. /etc/selinux/dan_policy/policy/policy.NN would be the
installed binary policy
file, /etc/selinux/dan_policy/contexts/files/file_contexts would be the
file contexts configuration, and if you happen to install sources (which
aren't needed), they would go under /etc/selinux/dan_policy/src/policy.
Just like the strict or targeted policies.
--
Stephen Smalley
National Security Agency
More information about the fedora-selinux-list
mailing list