On Tue, May 24, 2011 at 2:07 PM, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 05/24/2011 04:46 PM, Sam Gandhi wrote: >> Hello, >> >> I am working on a embedded platform and we have busybox on this device. >> >> What we would like to do do is assign diffrent labels to various >> busybox links. What we have seen when running things on JFFS2 when I >> label a symbolic link, the actual file gets the label, but the link >> itself doesn't (according to ls -lZ output). We have seen similar >> behaviour with files on tmpfs as well. >> >> ls -lZ >> -rw-r--r-- 1 0 Jan 1 00:12 system_u:object_r:myfile_t X >> lrwxrwxrwx 1 1 Jan 1 00:13 user_u:object_r:tmpfs_t Y -> X >> >> Is there no way to assign different label to symlink and actual files? >> Is this file-system specific issue? Are there any file-system that >> support assigning seperate labels to symlink and actual file? >> >> -Sam >> >> -- >> >> > Yes you can label symbolic links differently then their targets, how are > you assiging the labels? > I am using setfilecon program found in package On tmpfs file I did : cd /tmp/ touch X ln -s X Y setfilecon system_u:object_r:myfile_t Y And I see ls -lZ output as I shown above which shows /tmp/X has the myfile_t label and not Y I can't really use tools like semanage 'cause I can't install python on this system. I will try to "reverse" engineer what semanage does and how it handles symlink v/s regular files. -Sam -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
