Re: File context for /var/opt/quest/vas/vasd(/.*)? is defined in policy, cannot be deleted

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/11/2014 04:05 PM, Jayson Hurst wrote:
> I don't think its is inheriting its file context from the parent directory.
> There is an explicit entry in the
> /etc/selinux/targeted/contexts/files/file_contexts for 
> /var/opt/quest/vas/vasd(/.*)?
> 
> So if I want to set my own file context on this directory via a SELinux
> module I cannot because it fails to install. How do I manage this problem
> for others who wish to install the module?
> 
Right, I think you need to work with upstream or put an semanage fcontext -m
in your post install rather then shipping the label in your fc file.
>> Date: Tue, 11 Feb 2014 09:36:03 -0500 From: dwalsh@xxxxxxxxxx To:
>> swazup@xxxxxxxxxxx; selinux@xxxxxxxxxxxxxxxxxxxxxxx Subject: Re: File
>> context for /var/opt/quest/vas/vasd(/.*)? is defined in policy, cannot be
>> deleted
>> 
>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
>> 
>> On 02/10/2014 08:42 PM, Jayson Hurst wrote:
>>> I am trying to create a policy for vasd but I cannot set my own
>>> fcontext for /var/opt/quest/vas/vasd(/.*)? because I get the following
>>> error:
>>> 
>>> /etc/selinux/targeted/contexts/files/file_contexts: Multiple different
>>>  specifications for /var/opt/quest/vas/vasd(/.*)? 
>>> (system_u:object_r:qasd_var_auth_t:s0 and
>>> system_u:object_r:var_auth_t:s0)
>>> 
>>> When I attempt to delete the file context I get:
>>> 
>>> $ semanage fcontext -d "/var/opt/quest/vas/vasd(/.*)?"
>>> /usr/sbin/semanage: File context for /var/opt/quest/vas/vasd(/.*)? is
>>> defined in policy, cannot be deleted
>>> 
>>> I don't know who or what has already installed this file context, but I
>>> am not able to work around it and it is causing problems with my module
>>> who is the true owner of the file directory in question.
>>> 
>>> Is there was way to find out how this file context was created and by
>>> what? Also how do I remove it so I can define the directories file
>>> context correctly?
>>> 
>>> 
>>> -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx 
>>> https://admin.fedoraproject.org/mailman/listinfo/selinux
>>> 
>> You could modify it, or work with Fedora/upstream to get your policy in

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlL6kmoACgkQrlYvE4MpobNEDQCeI0DjpEnTgUUcA1QHPrAV59HO
VbEAoOjrPBfABlcXB3fdtQ2EMFoVOIZG
=i9ay
-----END PGP SIGNATURE-----
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux





[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux