RE: File context for /var/opt/quest/vas/vasd(/.*)? is defined in policy, cannot be deleted

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thanks Dan,

right now I have it at the end of my make/install script.

> Date: Tue, 11 Feb 2014 16:13:14 -0500
> From: dwalsh@xxxxxxxxxx
> To: swazup@xxxxxxxxxxx; selinux@xxxxxxxxxxxxxxxxxxxxxxx
> Subject: Re: File context for /var/opt/quest/vas/vasd(/.*)? is defined in policy, cannot be deleted
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 02/11/2014 04:05 PM, Jayson Hurst wrote:
> > I don't think its is inheriting its file context from the parent directory.
> > There is an explicit entry in the
> > /etc/selinux/targeted/contexts/files/file_contexts for
> > /var/opt/quest/vas/vasd(/.*)?
> >
> > So if I want to set my own file context on this directory via a SELinux
> > module I cannot because it fails to install. How do I manage this problem
> > for others who wish to install the module?
> >
> Right, I think you need to work with upstream or put an semanage fcontext -m
> in your post install rather then shipping the label in your fc file.
> >> Date: Tue, 11 Feb 2014 09:36:03 -0500 From: dwalsh@xxxxxxxxxx To:
> >> swazup@xxxxxxxxxxx; selinux@xxxxxxxxxxxxxxxxxxxxxxx Subject: Re: File
> >> context for /var/opt/quest/vas/vasd(/.*)? is defined in policy, cannot be
> >> deleted
> >>
> >> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
> >>
> >> On 02/10/2014 08:42 PM, Jayson Hurst wrote:
> >>> I am trying to create a policy for vasd but I cannot set my own
> >>> fcontext for /var/opt/quest/vas/vasd(/.*)? because I get the following
> >>> error:
> >>>
> >>> /etc/selinux/targeted/contexts/files/file_contexts: Multiple different
> >>> specifications for /var/opt/quest/vas/vasd(/.*)?
> >>> (system_u:object_r:qasd_var_auth_t:s0 and
> >>> system_u:object_r:var_auth_t:s0)
> >>>
> >>> When I attempt to delete the file context I get:
> >>>
> >>> $ semanage fcontext -d "/var/opt/quest/vas/vasd(/.*)?"
> >>> /usr/sbin/semanage: File context for /var/opt/quest/vas/vasd(/.*)? is
> >>> defined in policy, cannot be deleted
> >>>
> >>> I don't know who or what has already installed this file context, but I
> >>> am not able to work around it and it is causing problems with my module
> >>> who is the true owner of the file directory in question.
> >>>
> >>> Is there was way to find out how this file context was created and by
> >>> what? Also how do I remove it so I can define the directories file
> >>> context correctly?
> >>>
> >>>
> >>> -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx
> >>> https://admin.fedoraproject.org/mailman/listinfo/selinux
> >>>
> >> You could modify it, or work with Fedora/upstream to get your policy in
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iEYEARECAAYFAlL6kmoACgkQrlYvE4MpobNEDQCeI0DjpEnTgUUcA1QHPrAV59HO
> VbEAoOjrPBfABlcXB3fdtQ2EMFoVOIZG
> =i9ay
> -----END PGP SIGNATURE-----
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux