-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 07/26/2011 09:53 AM, Michael Atighetchi wrote: > Hi Daniel, > > I'm using sepolgen from policycoreutils-gui-2.0.85-28.fc14.x86_64. > > The policy file that I hand modified (and caused the labeling > problems) was attached to the previous email. > > Note that sepolgen refuses to generate policies for files that have a > "." in them, which seems like a pretty significant restriction. > > Here is the trace: > > [proxyuser@lime selinux]$ sepolgen -t 3 > /home/proxyuser/trunk/aps-base/crumple-zone/target/runSeed.sh > > Name must be alpha numberic with no spaces. > > sepolgen [ -m ] [ -t type ] [ executable | Name ] valid Types: > > 0 Standard Init Daemon 1 DBUS System Daemon 2 > Internet Services Daemon 3 User Application 4 Web > Application/Script (CGI) 5 Minimal X Windows User Role 6 > Minimal Terminal User Role 7 User Role 8 Admin User Role > 10 Root Admin User Role 11 Sandbox [proxyuser@lime > selinux]$ > > So long Michael > > > On 7/26/2011 3:04 PM, Daniel J Walsh wrote: On 07/26/2011 06:38 AM, > Michael Atighetchi wrote: >>>> On 7/26/2011 12:29 PM, Dominick Grift wrote: >>>>> On Tue, 2011-07-26 at 12:28 +0200, Michael Atighetchi wrote: >>>>>> One thing I realized using sepolgen is that it reject >>>>>> filenames that have "." in them. In the example below, I >>>>>> was trying to label "runSeed.sh", so maybe the fact that it >>>>>> has a "." in it broke the labeling ? >>>>> Yes sometimes you need to escape dots >>>>> >>>>> the matchpathcon should expose that >>>> Thanks a bunch - I got things working by removing the "." in >>>> the filename and rerunning sepolgen on the new file. >>>> >>>> Support on this mailing list rocks! Michael >>>> > Could you attach the policy that was generated with the . in the > file name? Also what version of sepolgen were you using? >> -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx >> https://admin.fedoraproject.org/mailman/listinfo/selinux > > Try sepolgen -n runseed -t 3 /home/proxyuser/trunk/aps-base/crumple-zone/target/runSeed.sh Usage command should mention this field I will add a patch to output the following # sepolgen -t 3 /home/proxyuser/trunk/aps-base/crumple-zone/target/runSeed.sh Name must be alpha numberic with no spaces. Consider using option "-n MODULENAME" sepolgen [ -n moduleName ] [ -m ] [ -t type ] [ executable | Name ] valid Types: 0 Standard Init Daemon 1 DBUS System Daemon 2 Internet Services Daemon 3 User Application 4 Web Application/Script (CGI) 5 Minimal X Windows User Role 6 Minimal Terminal User Role 7 User Role 8 Admin User Role 10 Root Admin User Role 11 Sandbox -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk4uyY0ACgkQrlYvE4MpobMpLACeLHFoFlli+cqlCzR8B+q6x8Et s7IAoMIpRLiPNyoktg1yWe4FMW6GJ8Jn =eOTQ -----END PGP SIGNATURE----- -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
