On May 29, 2009, at 10:50 PM, Nickolas Gray wrote:
I have a requirement to rsync ALL files over to a newly mounted
partition. the command is "rsync -AaXxH /home/snapshot/* /target/"
I can get this to work in permissive, and with a bit of massaging. I
can get an operational system that boots in enforcing on a new disk.
For the life of me I can't determine how I can gain access to copy
and write all these files in enforcing.
I have included the simple rules like
files_read_all_files(), but it seems there must be an easier assured
way of making sure I don't miss anything. It appears to me that not
everyfile in the system is really labeled with the attribute
file_type. Is there something I am missing on how to do this?
Suggestions?
From:
http://oss.tresys.com/projects/refpolicy/browser/trunk/policy/modules/admin/backup.te
...
allow backup_t self:capability dac_override;
...
files_read_all_files(backup_t)
files_read_all_symlinks(backup_t)
files_getattr_all_pipes(backup_t)
files_getattr_all_sockets(backup_t)
...
joe
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
