Add SELinux protection to Pure-FTPd
Stephen Smalley
sds at tycho.nsa.gov
Fri Apr 14 15:35:24 UTC 2006
On Fri, 2006-04-14 at 17:22 +0200, Aurelien Bompard wrote:
> Stephen Smalley wrote:
> > Looks like the type isn't getting preserved
> > on /etc/selinux/$SELINUXTYPE/modules/{active,previous} upon updates -
> > they are reverting from semanage_store_t to selinux_config_t (the type
> > on their parent directory. We either need to put semanage_store_t
> > on /etc/selinux/$SELINUXTYPE/modules as well or we need to make
> > libsemanage preserve the types.
>
> OK, so it's something to fix at the main policy level, right (I can't do
> anything about it) ?
Correct. You can restorecon -R /etc/selinux/targeted to temporarily fix
it, but it will keep reverting on each transaction. chcon -t
semanage_store_t /etc/selinux/targeted/modules may solve the problem
with keeping the type on the active and previous subdirectories, but
ultimately needs to be applied in the policy.
>
> # rpm -q selinux-policy-targeted
> selinux-policy-targeted-2.2.29-3.fc5
>
>
> Aurélien
--
Stephen Smalley
National Security Agency
More information about the fedora-selinux-list
mailing list