SELinux policy for ndiswrapper

Ryan Gall rrcoot at verizon.net
Wed Mar 23 15:34:42 UTC 2005


> > > > #Context for the driver configuration files
> > > > /etc/ndiswrapper/ -- system_u:object_r:loadndis_content_t
> > > 
> > > you probably want this:
> > > 
> > > /etc/ndiswrapper(/.*)?  system_u:object_r:loadndis_content_t
> > > 
> > > so you can label all of the driver stuff tha'ts stored under that
> > > directory and it's subdirectories.  I don't think your pattern will
> > > match anything.
> > > 
> > Actually everything does get the correct labels here.  I guess it is
> > setting the label on the ndiswrapper directory and then all the child
> > directories and files are inheriting that context.
> 
> Well if the directory is labeled correctly, and files are created in
> that directory, then it would get loadndis_content_t.  However, if you
> relabeled, I bet they would end up having the wrong labels.  Try running
> matchpathcon on a file in /etc/ndiswrapper, to see what file context
> matches.  (`matchpathcon /etc/ndiswrapper/somefile`).
> 
> -- 
> Chris PeBenito
> Tresys Technology, LLC
> (410) 290-1411 x150
> 

You were right Chris, it did not work correctly when I relabeled.
Thanks for all your help.

Ryan




More information about the fedora-selinux-list mailing list