On Thu, 30 Dec 2004 22:52:02 -0500, Daniel J Walsh wrote: > The problem is that sometimes file like share libraries need a different > file context (shlib_t) > than the directory they are being copied to (lib_t). RPM and now > install have the smarts to handle this. mv and cp do not. I see. What happens if you create a file in a lib_t directory using the standard POSIX APIs? I looked at the Loki setup sources and it doesn't use "cp" directly of course, it just opens files and copies them using a read/write loop. What happens if a library is put in a directory that isn't lib_t, and the DSO is not marked as shlib_t? Does the linker refuse to link it? Or is it just that ldconfig cannot read them. I have a game here where it uses libraries marked as file_t, and it seems to work when using LD_LIBRARY_PATH which makes me happier :) Most third party programs do not rely on the linker cache anyway, so I suppose this is a good thing. > What do you base this on? Fedora is where most of the SELinux > development has been going on. Yes, I mean it's hard to find out how Fedora differs from Debian or Gentoo SELinux-wise. If I use "install" does this only work on Fedora? Or is this something that will eventually be merged into other distributions too. What about the pam_selinux module, is that used elsewhere or on other distros must I remember to use the SELinux su equivalent as well? (I forgot it's name ...) thanks -mike
