Il 2020-07-31 10:45 Ondrej Mosnacek ha scritto:
Just to clarify: The upstream ML is a place for general discussions about SELinux itself. Just in case you intend to mention the boolean there - for that you should rather file a BZ against selinux-policy on Fedora. I recommended the list specifically for the general question about symlinks.
Done: https://bugzilla.redhat.com/show_bug.cgi?id=1862383
I think Stephen meant something along the lines that our policy macros should account for the possibility of system directories to be symlinked and generate the appropriate allow rules alongside the dir ones. Which would be a better solution, but likely also a lot of work to fix everywhere properly :/
Yeah, this would probably be the definitive solution. Thanks. -- Danti Gionatan Supporto Tecnico Assyoma S.r.l. - www.assyoma.it email: g.danti@xxxxxxxxxx - info@xxxxxxxxxx GPG public key ID: FF5F32A8 _______________________________________________ selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx