Hi All, My Linux system has a few product-specific directories like /data, /inactive, /repl The default selinux policy would obviously not know how to label these directories the way I want, because these are not standard linux directories. If I want to label these directories a certain way... For example, suppose I want to label all the above directories as var_t, can I simply add a few lines to the below two files, and then perform relabel ? /etc/selinux/strict/contexts/files/file_contexts /etc/selinux/strict/modules/active/file_contexts - Is it okay to directly edit those files, or are the above two files auto-generated ? - If editing the files is okay, then is it okay to stick lines in anywhere, or must I follow some kind of convention ? - or is there a more recommended way to control how those product-specific directories get labeled ? - I have actually stuck some lines manually in the middle of the above two files, and for the most part it seems to work. But every once in a while, I see other directories not getting labeled correctly. Is it because the contents of these files have to be in a certain order ? Thanks in advance for your help, R.H. -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
