Daniel J Walsh wrote: > Steve Brueckner wrote: > >> I have a file >> /etc/selinux/targeted/src/policy/file_contexts/programs/tspi_dillo.fc >> that contains the following line only: >> >> /tspi/usr/local/bin/dillo -- system_u:object_r:tspi_dillo_exec_t >> >> When I do # make reload and then # make relabel the system correctly >> labels the file and adds the above line to the master file_contexts >> file. >> >> However, if I then run # /sbin/restorecon /tspi/usr/local/bin/dillo >> the file's type reverts to default_t >> >> Any ideas on why this is happening? >> >> > I take it you have a domains/program/tspi_dillo.te file? > > grep dillo /etc/selinux/targeted/context/files/* > Yes, I have /etc/selinux/targeted/src/policy/domains/program/tspi_dillo.te which declares the tspi_dillo_exec_t. However, I think your grep showed me where the problem lies. There are two file_contexts files: /etc/selinux/targeted/src/policy/file_contexts/file_contexts /etc/selinux/targeted/context/files/file_contexts And a diff shows that the former has the context for dillo and the latter does not. I was apparently mistaken earlier when I said that the "master" file_contexts file contains the line in question. So my question now becomes how does the former get updated? I've done make reload and make relabel but it seems that neither is updating /etc/selinux/targeted/context/files/file_contexts. Thanks, - Steve Brueckner, ATC-NY -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-selinux-list
