On Wed, Jul 29, 2015 at 06:45:22AM -0400, Simon Sekidde wrote: > > > ----- Original Message ----- > > From: "Robin Lee Powell" <rlpowell@xxxxxxxxxxxxxxxxxx> > > To: "Lukas Vrabec" <lvrabec@xxxxxxxxxx>, selinux@xxxxxxxxxxxxxxxxxxxxxxx > > Sent: Wednesday, July 29, 2015 6:29:16 AM > > Subject: Re: [selinux] Re: Conflict between local module and local fcontext > > > > I removed this line: > > > > /srv/lojban/irclogs(/.*)? > > system_u:object_r:lojban_logger_logs_t:s0 > > > > from the module's .fc file, since that was the only other use of > > lojban_logger_logs_t , and that line was non-functional as > > previously described, and now the fcontext command works. > > > > Yay!, but I don't get it at all. > > The purpose of that line in the .fc is to have you avoid running > `semanage fcontext -a -t lojban_logger_logs_t > '/srv/lojban/irclogs(/.*)?'` since the label for all files in that > path dir has been predefined. Yes, but: 1. it *doesn't work*, because I have an fcontent rule for /srv/loban(/.*)? that wins over the module in all cases 2. why does the fcontext command abort with: libsemanage.dbase_llist_query: could not query record value (No such file or directory). OSError: No such file or directory when that .fc line exists?, especially when the .fc line doesn't even *do* anything? It's #2 that I don't get. Seems like a bug to me? At the very least, the error message is not helpful. -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
