On Wed, 2006-05-31 at 12:54 -0400, Christopher Ashworth wrote: > On Wed, 2006-05-31 at 17:50 +0100, Paul Howarth wrote: > > Hmm, that doesn't explain why file contexts that aren't regexes do > > actually work. So if I have: > > > > /home/pgsql/pgstartup\.log -- > > gen_context(system_u:object_r:postgresql_log_t,s0) > > > > this actually works as expected, even though the /home/[^/]*/.+ > > homedir context also matches. > > Ah, true. I forgot you had said that this behavior was occurring. It > seems I have misremembered what is happening. Let me look again to > confirm what's going on. libselinux gives precedence to fully specified pathnames (no regex characters). Doesn't matter where they fall within the config files. -- Stephen Smalley National Security Agency -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
