Problem with restorecon
Konrad Azzopardi
konrad.azzopardi at gmail.com
Mon Dec 1 22:47:04 UTC 2008
Hi people,
i have the following policy version installed
selinux-policy-3.3.1-107.fc9.noarch
selinux-policy-devel-3.3.1-107.fc9.noarch
selinux-policy-targeted-3.3.1-107.fc9.noarch
I create an Selinux policy and generated the following filecontexts
[root at MALTA konsu]# semanage fcontext -l | grep yule
/etc/init.d/yule regular file
system_u:object_r:yule_script_exec_t:s0
/var/run/yule.pid regular file
system_u:object_r:yule_var_run_t:s0
/var/log/yule(/.*)? regular file
system_u:object_r:yule_log_t:s0
/var/lib/yule(/.*)? regular file
system_u:object_r:yule_var_lib_t:s0
/etc/yulerc regular file
system_u:object_r:yule_config_t:s0
/usr/local/sbin/yule regular file
system_u:object_r:yule_exec_t:s0
Allt he files seems to become labelled normally as expected except
/etc/init.d/yule
[root at MALTA konsu]# restorecon -R -v /etc/init.d/yule
[root at MALTA konsu]# ls -lrtZ /etc/init.d/yule
-rwx------ root root system_u:object_r:initrc_exec_t:s0 /etc/init.d/yule
I cannot get rid of initrc_exec_t. Although my script is still
confined correctly, I would like to label this file normally, is there
a reason why restorecon fails ?
many thanks
konrad
fedora-selinux-list
More information about the fedora-selinux-list
mailing list