Backing out of changes to file contexts specification

[Al Pacifico]

This is related to the daemon question I asked earlier.

I created a problem using policygentool by specifying that a log file is
written to by two different binaries with different policies. My thread
about "Helper program for a daemon" provides some context (no pun intended).

I didn't realize that installing the policy would change the file context
specification database (although it makes perfect sense in retrospect). Now,
I've inadvertently specified that /var/log/slimserver be labelled under two
different contexts in /etc/selinux/targeted/contexts/files/file_contexts and
wish to remove the second set of entries.

Output of setfiles -n /etc/selinux/targeted/contexts/files/file_contexts
$filename includes several messages of the form:

/etc/selinux/targeted/contexts/files/file_contexts: Multiple different
specifications for /var/log/slimserver
(system_u:object_r:slimserver_scanner_var_log_t and
system_u:object_r:slimserver_var_log_t).

My policy module didn't install correctly because of this error, but the
file contexts specification is now incorrect. What is the best way to
correct this?
1. Just use sed or vi to eliminate the second specification?
2.Remove both installed policies that I wrote (which are the only non-stock
policy modules installed on my FC5 box) using semodule and restore
/etc/selinux/targeted/contexts/files/file_contexts from the rpm package
file?

Keep in mind I'm doing this over ssh to a box with no GUI, so I must use the
command line, vi, etc.
-al
-- 
Al Pacifico
Seattle, WA
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20070420/a9fa7dc7/attachment.htm>