On Sat, 2008-06-07 at 14:16 +0100, Martin Orr wrote: > On a 64-bit Debian system, /usr/lib32 is a symlink to > /emul/ia32-linux/usr/lib. It should be labelled as lib_t. > > I don't know if the distro_debian is necessary - take it out if you want. Actually what seems excessive is the (.*/)? in the middle. Is it really needed? Its very broad, and doesn't sound like its needed. > plain text document attachment (116_usr_lib32) > Written by: Martin Orr > > Mark /usr/lib32 as type lib_t > > Index: policy/modules/system/libraries.fc > =================================================================== > --- policy/modules/system/libraries.fc.orig > +++ policy/modules/system/libraries.fc > @@ -110,6 +110,9 @@ > > /usr/(.*/)?lib(/.*)? gen_context(system_u:object_r:lib_t,s0) > /usr/(.*/)?lib64(/.*)? gen_context(system_u:object_r:lib_t,s0) > +ifdef(`distro_debian',` > + /usr/(.*/)?lib32(/.*)? -l gen_context(system_u:object_r:lib_t,s0) > +') > > /usr/(.*/)?lib(64)?(/.*)?/ld-[^/]*\.so(\.[^/]*)* gen_context(system_u:object_r:ld_so_t,s0) > -- Chris PeBenito Tresys Technology, LLC (410) 290-1411 x150 -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
