using tmpfs for /tmp and selinux

dragoran dragoran at feuerpokemon.de
Fri Mar 25 14:38:29 UTC 2005 

Stephen Smalley wrote:

>On Fri, 2005-03-25 at 15:15 +0100, dragoran wrote:
>  
>
>>does this mean that adding restorecon /tmp in rc.sysinit would solve my 
>>problem?
>>I am using selinux-policy-targeted-1.17.30-2.90 is
>>
>>allow tmpfile tmpfs_t:filesystem associate;
>>
>>already done in this policy? or do I have to add it myself? I have policy sources installed but I don't know in which file I should add this line before rebuilding the policy.
>>    
>>
>
>It is in the rawhide policy, doesn't appear to be in the latest policy
>for FC3 yet.  You can temporarily put it
>in /etc/selinux/targeted/src/policy/domains/misc/local.te and reload
>your policy for now.  The diff Dan proposed for rc.sysinit on selinux
>list is below.
>
>  
>
>------------------------------------------------------------------------
>
>--- initscripts-8.05/rc.d/rc.sysinit~	2005-03-24 15:02:51.000000000 -0500
>+++ initscripts-8.05/rc.d/rc.sysinit	2005-03-24 15:03:11.000000000 -0500
>@@ -593,6 +593,7 @@
> fi
> 
> # Clean up various /tmp bits
>+restorecon /tmp
> rm -f /tmp/.X*-lock /tmp/.lock.* /tmp/.gdm_socket /tmp/.s.PGSQL.*
> rm -rf /tmp/.X*-unix /tmp/.ICE-unix /tmp/.font-unix /tmp/hsperfdata_* \
>        /tmp/kde-* /tmp/ksocket-* /tmp/mc-* /tmp/mcop-* /tmp/orbit-*  \
>  
>
>------------------------------------------------------------------------
>
>--
>fedora-selinux-list mailing list
>fedora-selinux-list at redhat.com
>http://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
ok now I have the problem that the policy doesn't build:
-
# make reload
make: *** No rule to make target 
`file_contexts/program/httpd_socket.fc', needed by 
`file_contexts/file_contexts'.  Stop.
-
I tryed:
#stat file_contexts/program/httpd_socket.fc
stat: cannot stat `file_contexts/program/httpd_socket.fc': No such file 
or directory
this file does not exists....
file_contexts/file_contexts is attached.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: file_contexts
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20050325/ba7dce18/attachment.ksh>

More information about the fedora-selinux-list mailing list