selinux prelink avc's (broken paths in policy?)
Christopher Ashworth
cashworth at tresys.com
Thu May 25 15:49:22 UTC 2006
On Wed, 2006-05-24 at 12:56 -0400, Christopher Ashworth wrote:
> On Wed, 2006-05-24 at 16:38 +0100, Paul Howarth wrote:
> > So if "semanage fcontext -l" doesn't produce an ordered listing, is
> > there any way from userland to get one, one that encompasses both the
> > base policy and any added modules or context objects added using semanage?
>
> I don't know the definitive answer on a userland tool. semanage
> fcontext -l appears to just be calling libsemanage, which is in turn
> using Ivan's database functions to list the objects (in this case, the
> fcontext objects). I'll try to track down what happens between the
> file_contexts file and the listing.
I had a chance to take another look at this this morning.
In semanage (seobject.py, specifically), the list of file contexts being
retrieved via semanage_fcontext_list is in the correct order. However,
it is transfered to a dictionary and printed out by iterating over the
keys of the dictionary.
Changing this will allow semanage to report the file contexts in the
original order.
Christopher
More information about the fedora-selinux-list
mailing list