-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xavier Toth wrote: > On RHEL5 genhomedircon is not processing my fc entries because they > are specifying "<<none>>" for the context. In the getHomeDirContext > function there is a call to security_check_context which fails for > "<<none>>" so the substituted string is not appended to the output. > Maybe this check should be something like: > if selinux.security_check_context(scon) == 0 or scon == "<<none>>": > > > On 10/24/07, Xavier Toth <txtoth@xxxxxxxxx> wrote: >> I'm getting the impression that genhomedircon is involved with the >> solution to my problem. Maybe you can't use HOME_DIR in a policy >> module? If I can then maybe I need to run genhomedircon to get >> homedir_templates processed into file_contexts.homedirs? >> >> On 10/24/07, Ted X Toth <txtoth@xxxxxxxxx> wrote: >>> I put entries into an .fc file to not relabel polyinstantied instance >>> directories but they get relabeled, am I doing it right: >>> HOME_DIR/\.mlrc\.inst/.* <<none>> >>> >>> I don't see anything about this directory when I do: >>> /usr/sbin/semanage fcontext -l | grep mlrc >>> >>> I do see them in /etc/selinux/mls/contexts/files/homedir_templates. >>> Seems reasonable. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFHILHxrlYvE4MpobMRArgPAJ9lFBhv9VHRroSQ6OzrnFZAqOqCRQCguy1z LP3oCDbEqvZlF7G5iXCA79g= =VUfA -----END PGP SIGNATURE----- -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
