Here it is , sir... Well, actually I'm trying to write my segatex policy. /usr/bin/segatex is actually link to /usr/bin/consolehelper In my INSTALL script I declared, ################################## ln -s /usr/bin/consolehelper /usr/bin/segatex ################################## I've been running my program in unconfined domain for several years, but I want to confine it now. So, I tried to label segatex_exec_t to /usr/bin/segatex. Made it fine, install all-right. I could find segatex module, you know... But alas, I could not restorecon nor autorelabel. Why? # segatex executable will have: # label: system_u:object_r:segatex_exec_t # MLS sensitivity: s0 # MCS categories: <none> /usr/bin/segatex -- gen_context(system_u:object_r:segatex_exec_t,s0) /usr/share/segatex(/.*)? -- gen_context(system_u:object_r:segatex_etc_t,s0) 2009/4/20 Daniel J Walsh <dwalsh@xxxxxxxxxx>: > On 04/20/2009 08:32 AM, Shintaro Fujiwara wrote: >> >> I wrote a policy which declares some label to symbolic link, and I >> restoreconed, but failed ? >> >> Am I stupid or what should I do to this ? >> >> Thanks. >> > What does you fc file look like? > -- http://intrajp.no-ip.com/ Home Page -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
