Add SELinux protection to Pure-FTPd

Stephen Smalley sds at
Fri Apr 14 15:35:24 UTC 2006

On Fri, 2006-04-14 at 17:22 +0200, Aurelien Bompard wrote:
> Stephen Smalley wrote:
> > Looks like the type isn't getting preserved
> > on /etc/selinux/$SELINUXTYPE/modules/{active,previous} upon updates -
> > they are reverting from semanage_store_t to selinux_config_t (the type
> > on their parent directory.  We either need to put semanage_store_t
> > on /etc/selinux/$SELINUXTYPE/modules as well or we need to make
> > libsemanage preserve the types.
> OK, so it's something to fix at the main policy level, right (I can't do
> anything about it) ?

Correct.  You can restorecon -R /etc/selinux/targeted to temporarily fix
it, but it will keep reverting on each transaction.  chcon -t
semanage_store_t /etc/selinux/targeted/modules may solve the problem
with keeping the type on the active and previous subdirectories, but
ultimately needs to be applied in the policy.  

> # rpm -q selinux-policy-targeted
> selinux-policy-targeted-2.2.29-3.fc5
> Aurélien
Stephen Smalley
National Security Agency

More information about the fedora-selinux-list mailing list