On 08/04/2009 08:05 AM, Christopher J. PeBenito wrote: > On Tue, 2009-08-04 at 07:20 -0400, Daniel J Walsh wrote: >> Now that we have labelling equivalence should we just add a >> >> /lib64 /lib >> /usr/lib64 /usr/lib >> /usr/local/lib64 /usr/local/lib >> >> Seems we could simplify policy and prevent many mistakes. Might speed up regex matching a little bit. >> >> >> grep 64 /etc/selinux/targeted/contexts/files/file_contexts | wc >> 259 735 18694 >> >> >> If were were more agressive >> >> /usr/local /usr >> /opt /usr > > Makes sense to me. But is there a way for the policy to specify an > equivalence, or is it currently limited to the semanage cli? > Currently it is CLI, but it should probably be merged into the sandbox, some how. -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
