On Thu, 2012-07-19 at 14:49 -0700, Haiqing Jiang wrote: > From: hqjiang <hqjiang1988@xxxxxxxxx> > > --- > installd.te | 2 ++ > 1 files changed, 2 insertions(+), 0 deletions(-) > > diff --git a/installd.te b/installd.te > index 466125e..5211f0a 100644 > --- a/installd.te > +++ b/installd.te > @@ -20,3 +20,5 @@ dontaudit installd self:capability sys_admin; > selinux_check_context(installd) > # Read /seapp_contexts, presently on the rootfs. > allow installd rootfs:file r_file_perms; > +# Link/Unlink app_data_file > +allow installd app_data_file:lnk_file link_file_perms; What actual permissions were required? link (create a hard link) doesn't make sense on a symlink (lnk_file). unlink and rename are legitimate, but wondering whether anything other than unlink was required. -- Stephen Smalley National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
