If I understand well, I could add a type to another type?!?!?! If that is
the case, I did not know about it.... like many things in the SELinux
world. It is so complex and so badly documented. :-(
On Tue, Jul 5, 2016 at 1:24 PM, Александр Кириллов <nevis2us@xxxxxxxxxxx>
wrote:
> Александр Кириллов писал 2016-07-05 19:58:
>
>> I need to have the tftpdir_rw_t and samba_share_t SELinux context on
>>> the same directory.
>>>
>>> How can we do this? Is it feasible to have more than one SELinux context?
>>>
>>
>> I don't think it's possible/feasible.
>> You'd probably need to add a new type and necessary rules to your local
>> policy.
>> Or add missing allow rules to an existing type (tftpdir_rw_t or
>> samba_share_t).
>> Or use audit2allow to add necessary allow rules to an existing type.
>> Any of the above could be a major PITA.
>>
>
> Some links and commands which might be useful if you really need this done:
>
> http://fedoraproject.org/wiki/PackagingDrafts/SELinux#Creating_new_types
>
> # sesearch --help
> # sesearch --allow -t samba_share_t
> # sesearch --allow -t tftpdir_rw_t
>
>
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> https://lists.centos.org/mailman/listinfo/centos
>
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
