Backing out of changes to file contexts specification
Stephen Smalley
sds at tycho.nsa.gov
Mon Apr 23 15:25:46 UTC 2007
On Mon, 2007-04-23 at 08:20 -0700, Al Pacifico wrote:
>
> If I reboot, does the
> file /etc/selinux/targeted/contexts/files/file_contexts get
> automatically rewritten? If so, where does the information that it's
> filled with come from and what process rewrites it?
It doesn't get rewritten at boot, only upon a change made to the policy
via semodule or semanage (both of which use libsemanage as their
backend). libsemanage manages a private store
under /etc/selinux/targeted/modules, applies all changes in a sandbox
there first, and then installs to the real locations upon a successful
completion of a transaction.
--
Stephen Smalley
National Security Agency
More information about the fedora-selinux-list
mailing list