But, what does -- stands for, in regular Linux admin work ? I will forget it easily. Or am I dumb fool not knowing Linux commands? 2009/4/20 Daniel J Walsh <dwalsh@xxxxxxxxxx>: > On 04/20/2009 08:47 AM, Shintaro Fujiwara wrote: >> >> Here it is , sir... >> >> Well, actually I'm trying to write my segatex policy. >> /usr/bin/segatex is actually link to /usr/bin/consolehelper >> >> In my INSTALL script I declared, >> ################################## >> ln -s /usr/bin/consolehelper /usr/bin/segatex >> ################################## >> >> I've been running my program in unconfined domain for several years, >> but I want to confine it now. >> So, I tried to label segatex_exec_t to /usr/bin/segatex. >> >> Made it fine, install all-right. >> >> I could find segatex module, you know... >> But alas, I could not restorecon nor autorelabel. >> >> Why? >> >> >> # segatex executable will have: >> # label: system_u:object_r:segatex_exec_t >> # MLS sensitivity: s0 >> # MCS categories:<none> >> >> /usr/bin/segatex -- >> gen_context(system_u:object_r:segatex_exec_t,s0) >> /usr/share/segatex(/.*)? -- >> gen_context(system_u:object_r:segatex_etc_t,s0) >> > > The -- tells the system to only label standard files with the segatext > label. > > If you eliminate "--" it will match everything. If you want to match only > symbolic links you would use "-l", Directories "-d". The same symbols that > ls uses at the begining of a ls line. >> >> >> >> 2009/4/20 Daniel J Walsh<dwalsh@xxxxxxxxxx>: >>> >>> On 04/20/2009 08:32 AM, Shintaro Fujiwara wrote: >>>> >>>> I wrote a policy which declares some label to symbolic link, and I >>>> restoreconed, but failed ? >>>> >>>> Am I stupid or what should I do to this ? >>>> >>>> Thanks. >>>> >>> What does you fc file look like? >>> >> >> >> > > -- http://intrajp.no-ip.com/ Home Page -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
