selinux local policy from F10 to F11?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



If you have generated local selinux policy using semanage fcontext for
specific files or directories in F10, is there now a recommended way
to automate retrieval of these and then create the same rule set for
F11 after a clean F11 install?

I know that you can do
# semanage fcontext -C -l and send the output to a file.
This will generate lines such as
SELinux fcontext                                   type               Context

/home/mike/.cxoffice(/.*)?                         all files
system_u:object_r:textrel_shlib_t:s0
/home/mike/.cxoffice/dotwine/drive_c/Windows/System/SHLWAPI.DLL all
files        system_u:object_r:textrel_shlib_t:s0
/home/mike/.cxoffice/dotwine/drive_c/Windows/System/ole32.dll all
files         system_u:object_r:textrel_shlib_t:s0
/home/mike/.wine(/.*)?                             all files
system_u:object_r:textrel_shlib_t:s0

However I guess that saving this will still not allow these rules to
be written back to the new system in an automated way unless a script
is written to parse the lines and create a set of new selinux fcontext
lines that will create each local
rule with something like:
semanage fcontext -a -t textrel_shlib_t /home/mike/.cxoffice(/.*)?
with one for each original line in the output generated from the old
system before it was replaced?

If there is a cleaner way to achieve this I would like to hear about it?


-- 
mike

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux