-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/10/2014 08:42 PM, Jayson Hurst wrote: > I am trying to create a policy for vasd but I cannot set my own fcontext > for /var/opt/quest/vas/vasd(/.*)? because I get the following error: > > /etc/selinux/targeted/contexts/files/file_contexts: Multiple different > specifications for /var/opt/quest/vas/vasd(/.*)? > (system_u:object_r:qasd_var_auth_t:s0 and system_u:object_r:var_auth_t:s0) > > When I attempt to delete the file context I get: > > $ semanage fcontext -d "/var/opt/quest/vas/vasd(/.*)?" /usr/sbin/semanage: > File context for /var/opt/quest/vas/vasd(/.*)? is defined in policy, cannot > be deleted > > I don't know who or what has already installed this file context, but I am > not able to work around it and it is causing problems with my module who is > the true owner of the file directory in question. > > Is there was way to find out how this file context was created and by what? > Also how do I remove it so I can define the directories file context > correctly? > > > -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux > You could modify it, or work with Fedora/upstream to get your policy in. Basically this directory needs to be written to by login programs so we labeled it var_auth_t. I think semanage fcontext -m -t qasd_var_auth_t "/var/opt/quest/vas/vasd(/.*)?" Would work. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlL6NVMACgkQrlYvE4MpobNVzwCgk7wCVkGNCrtcxH+TjgBpeIFH tF4AnjXQWMGVGGgzKCWxPM2QQX12+woW =L+/4 -----END PGP SIGNATURE----- -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
