Re: How do I create a directory in C that will follow selinux file context rules?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,

On 03/24/2015 10:45 PM, Jayson Hurst wrote:
I need to create a directory in a C binary.
 
I am currently doing something similar to this:
 
 
status = mkdir("/home/cnd/mod1", S_IRWXU | S_IRWXG | S_IROTH | S_IXOTH);
 
But when the directory is created it ends up with the wrong SELinux context. It inherits it's parent's context and 
not the one defined in file context.
This is right behavior. When you create some file it inherits it's parent's context.
Is there a C call that can be used that understands how to correctly create and label SElinux directories?
You can define filename transation in selinux policy related to your daemon.
More informations and tutorial how to use it, you can find here: http://danwalsh.livejournal.com/46018.html

If you need some help, please feel free to contact me. 

--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux

-- 

Regards.

--
Lukas Vrabec
SELinux Solutions
Red Hat, Inc.
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux