Steve Brueckner wrote:
Daniel J Walsh wrote:
Steve Brueckner wrote:
I have a file /etc/selinux/targeted/src/policy/file_contexts/programs/tspi_dillo.fc that contains the following line only:
/tspi/usr/local/bin/dillo -- system_u:object_r:tspi_dillo_exec_t
When I do # make reload and then # make relabel the system correctly
labels the file and adds the above line to the master file_contexts
file.
However, if I then run # /sbin/restorecon /tspi/usr/local/bin/dillo the file's type reverts to default_t
Any ideas on why this is happening?
I take it you have a domains/program/tspi_dillo.te file?
grep dillo /etc/selinux/targeted/context/files/*
Yes, I have /etc/selinux/targeted/src/policy/domains/program/tspi_dillo.te which declares the tspi_dillo_exec_t.
However, I think your grep showed me where the problem lies. There are two file_contexts files: /etc/selinux/targeted/src/policy/file_contexts/file_contexts /etc/selinux/targeted/context/files/file_contexts
And a diff shows that the former has the context for dillo and the latter does not. I was apparently mistaken earlier when I said that the "master" file_contexts file contains the line in question.
So my question now becomes how does the former get updated? I've done make reload and make relabel but it seems that neither is updating /etc/selinux/targeted/context/files/file_contexts.
Thanks,
- Steve Brueckner, ATC-NY
That is strange. Make reload should have copied the your file_context over.
Try make -W users load
See if the file_context gets replaced. Any chance of clock skew on your machine.
--
-- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-selinux-list
