Already have these,
I believe my problems have to do with placing the files on the new
disk. I am getting relabelto, relabelfrom, rename,add_name,
remove_name, and setattr in my audit log
On May 29, 2009, at 11:13 PM, Joe Nall wrote:
On May 29, 2009, at 10:50 PM, Nickolas Gray wrote:
I have a requirement to rsync ALL files over to a newly mounted
partition. the command is "rsync -AaXxH /home/snapshot/* /target/"
I can get this to work in permissive, and with a bit of massaging.
I can get an operational system that boots in enforcing on a new
disk.
For the life of me I can't determine how I can gain access to copy
and write all these files in enforcing.
I have included the simple rules like
files_read_all_files(), but it seems there must be an easier
assured way of making sure I don't miss anything. It appears to me
that not everyfile in the system is really labeled with the
attribute file_type. Is there something I am missing on how to do
this? Suggestions?
From:
http://oss.tresys.com/projects/refpolicy/browser/trunk/policy/modules/admin/backup.te
...
allow backup_t self:capability dac_override;
...
files_read_all_files(backup_t)
files_read_all_symlinks(backup_t)
files_getattr_all_pipes(backup_t)
files_getattr_all_sockets(backup_t)
...
joe
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
--
"THIS time it really is fixed. I mean, how many times can we get it
wrong? At some point, we just have to run out of bad ideas.."
Linus Torvalds
Nickolas Gray
nick@xxxxxxxxxxx
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
