[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: setroubleshoot-plugins string not clear



Domingo Becker wrote:
There is a string that seems to be wrong and not clear in
setroubleshoot-plugins.
It is the one with comment #: ../src/restorecon.py:35
The sentence
    File contexts can get assigned to a file can following ways.  <ul>\n
seems to be wrong.
And the sentence
    <li>The kernel can decide via policy that an application running as
context A Creating a file in a directory labeled B will create files labeled
C.\n
Is not clear to me. Would you or someone please explain it ?


kind regards

Domingo Becker (es)

You're right, the wording wasn't great, we rewrote it to look like this and should appear soon. You can either wait for the new po or use this text to help you interpret the existing text. Hope this helps.

    SELinux denied access requested by $SOURCE. $TARGET_PATH may
    be a mislabeled.  $TARGET_PATH default SELinux type is
<B>$MATCHTYPE</B>, but its current type is <B>$TARGET_TYPE</B>. Changing
    this file back to the default type, may fix your problem.
    <p>
    File contexts can be assigned to a file in the following ways.
    <ul>
<li>Files created in a directory receive the file context of the parent directory by default. <li>Users can change the file context on a file using tools such as chcon, or restorecon. <li>The SELinux policy might override the default label inherited from the parent directory by specifying a process running in context A which creates a file in a directory labeled B will instead create the file with label C. An example of this would be the dhcp client running with the dhclient_t type and creates a file in the directory /etc. This file would normally receive the etc_t type due to parental inheritance but instead the file is labeled with the net_conf_t type because the SELinux policy specifies this..
    </ul>
This file could have been mislabeled either by user error, or if an normally confined application
    was run under the wrong domain.
    <p>
However, this might also indicate a bug in SELinux because the file should not have been labeled
    with this type.
    <p>
    If you believe this is a bug, please file a
<a href="http://bugzilla.redhat.com/bugzilla/enter_bug.cgi";>bug report</a>
    against this package.


--
John Dennis <jdennis redhat com>


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]