On 06/28/2017 09:36 AM, Thomas Mueller wrote:
Hey Juan
I'm troubleshooting the radicale policy but I cannot figure why the
service fails to transition to radicale_t. It runs in the init_t domain.
How you starting this service?
Lukas
http://pkgs.fedoraproject.org/cgit/rpms/radicale.git/plain/radicale.te
http://pkgs.fedoraproject.org/cgit/rpms/radicale.git/plain/radicale.fc
http://pkgs.fedoraproject.org/cgit/rpms/radicale.git/plain/radicale.if
is your module loaded? (semodule -l | grep radicale)
Do your files have correct labels? (ls -lZ /usr/bin/radicale )?
> allow radicale_t bin_t:file execute;
might better use the corecmd_exec_bin()
http://oss.tresys.com/docs/refpolicy/api/kernel_corecommands.html#link_corecmd_exec_bin
> files_type(radicale_etc_t);
maybe better use files_config_file()
http://oss.tresys.com/docs/refpolicy/api/kernel_files.html#link_files_config_file
- Thomas
_______________________________________________
selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx
--
Lukas Vrabec
Software Engineer, Security Technologies
Red Hat, Inc.
_______________________________________________
selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx
