On 01/03/2011 07:59 AM, Miroslav Grepl wrote: > On 12/31/2010 10:36 PM, Dominick Grift wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> On 12/28/2010 12:45 PM, Daniel J Walsh wrote: >>> On 12/26/2010 05:25 PM, Jorge Fábregas wrote: >>>> On Sunday, December 26, 2010 05:25:22 pm Dominick Grift wrote: >>>>> is trying to read the state files in /proc for some unconfined_t process >>>> Never thought of /proc. That explains why I found it weird to see a file >>>> labeled as unconfined_t. >>>> Frank: disregard my previous suggetion>:) >>>> -- >>>> Jorge >>>> -- >>>> selinux mailing list >>>> selinux@xxxxxxxxxxxxxxxxxxxxxxx >>>> https://admin.fedoraproject.org/mailman/listinfo/selinux >>> What OS/Version are you seeing this in? >> dwalsh: looks like fedoras' passenger policy only works for passenger 2.* >> >> recently it seems version 3.* was released which introduced some major >> changes, causing fedora policy for passenger to completely break. >> >> i started work on a version 3 compatible policy but it is not advancing >> at all: >> >> http://fedorapeople.org/gitweb?p=domg472/public_git/ruby.git;a=summary > I have already added some support for the version 3 to F13/RHEL6 policy. > I will add it also to F14/F15 policy. Well, actually the fixes are already in the latest F14/F15 policy. But I just treat all with passenger_t domain, I will look at your policy. > Generally I work with "passenger guys" on SELinux policy. > > Also I am planning to talk with Michal Fojtik to update his blog. >> Also to miroslav: i noticed you have designed current policy for >> passenger with /var/lib/passenger as the webapp document root. I am of >> the opinion however that passenger/ror webapps should be labelled >> https_sys/user/*_script_exec_t just like any other webapp. >> >> - -- >> selinux mailing list >> selinux@xxxxxxxxxxxxxxxxxxxxxxx >> https://admin.fedoraproject.org/mailman/listinfo/selinux >> >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v2.0.16 (GNU/Linux) >> Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ >> >> iEYEARECAAYFAk0eWtIACgkQMlxVo39jgT+fCACcCCVcGCOTlUWGzhuL1JsEMvNU >> ubcAn1xXQAekYXr56w1RRdow4QZ/lSug >> =I+PL >> -----END PGP SIGNATURE----- >> -- >> selinux mailing list >> selinux@xxxxxxxxxxxxxxxxxxxxxxx >> https://admin.fedoraproject.org/mailman/listinfo/selinux > -- > selinux mailing list > selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux