On Mon, 2008-06-16 at 16:51 +0100, Paul Howarth wrote: > Daniel B. Thurman wrote: > > I have run into a problem of limted space for .strigi > > which was located in my home directory, so I decided > > to move ~/.strigi to another partition with ample space > > and created a symbolic link from ~/.strigi to the new > > location on a different partition. > > > > Selinux is reporting: > > SELinux is preventing strigidaemon (unconfined_t) "mmap_zero" to > > <Unknown> (unconfined_t). > > > > So, what is the proper context for .strigi and all of the files/directories > > contained within? > > You'll find that bind mounts work much better than symlinks from an > SELinux point of view. > > This reminds me to ask though, where is homedir_template as used by > genhomedircon now? I can't find it in Fedora 9 and anything I've tried > editing that looks like it might be it gets overwritten when I run > genhomedircon. genhomedircon functionality was taken into libsemanage in order to address various problems with the external implementation, and homedir_template is generated (from template entries in the .fc files) and used within the module sandbox, not made externally accessible. /usr/sbin/genhomedircon is now just a script that invokes semodule -Bn to regenerate the policy. -- Stephen Smalley National Security Agency -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
