On Thu, 2013-08-22 at 09:09 +0200, Dominick Grift wrote: > > allow gogoc_t radvd_etc_t:file manage_file_perms; if this file gets > created by gogoc_t, then this probably needs a file type transition rule > as well, since the config file is located in /etc/ so without a type > transition rule the file would be created with type etc_t instead of > type radvd_etc_t Actually, now i see what you are trying to do: > /var/run/gogoc/gogoc-rtadvd.conf gen_context(system_u:object_r:radvd_etc_t,s0) So the config file is in /var/run/gogoc/gogoc-rtadvd.conf instead of /etc remove this fc spec and remove these rules: gogoc_read_pid_files(radvd_t) # For radvd to read the generated config file allow gogoc_t radvd_etc_t:file manage_file_perms; # Create config file for radvd allow radvd_t gogoc_var_run_t:file rw_file_perms; instead just allow radvd_t to manage gogoc_var_run_t files: manage_files_pattern(radvd_t, gpgpc_var_run_t, gogoc_var_run_t) -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
