>>> this is what i committed to my branch that might fix that: >>> >>> ------------------------ policy/modules/apps/livecd.te >>> ------------------------ >>> index 4e69cdf..5d1084a 100644 >>> @@ -23,7 +23,7 @@ >>> >>> domain_ptrace_all_domains(livecd_t) >>> >>> -seutil_domtrans_setfiles_mac(livecd_t) >>> +seutil_run_setfiles_mac(livecd_t, system_r) >>> >>> manage_dirs_pattern(livecd_t, livecd_tmp_t, livecd_tmp_t) >>> manage_files_pattern(livecd_t, livecd_tmp_t, livecd_tmp_t) >>> >>> >>> >> Do I save this as ~/rpmbuld/SOURCES/DG-SELinux.patch and then apply it >> to my custom selinux-policy? >> > > Replace it manually. Because that isnt a proper patch. > > open policy/modules/apps/livecd.te. find > seutil_domtrans_setfiles_mac(livecd_t) and replace it by > seutil_run_setfiles_mac(livecd_t, system_r) > I presume this will be for the development machine (the one I am using to create the image) as on the image itself livecd is not used at all and is not needed. Is that correct? If so, I presume I need to compile and install my own custom policy and replace it with the 'stock' version - is that right? -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
