On 07/06/2014 09:12 AM, Dominick Grift wrote: > On Sat, 2014-07-05 at 14:39 +0200, Dominick Grift wrote: >> ... rules are no longer honored using policy compiled with any of the >> recent secilc revisions? >> >> My login programs no longer relabel my login tts/pts, even though my >> policy has, what i believe are, proper type_change rules. >> >> > > the compute_relabel command from libselinux-utils does the right thing. > Still for some reason the login programs do not relabelto the type. (the > identity is relabeled) > > How can this be? sesearch shows the type_change rules, compute_relabel > shows the expected result, yet some how all login program's i have tried > consistently ignore the type (but not the identity) > > I have been running SSHD in debug mode in hopes to get some more > information but as far as SSHD is concerned all is fine. It almost seems > it is just not aware of the type (needless to say the type is there and > usable) > I can't reproduce the problem with my test policies. The typechange statements look like they are correctly inserted into the binary and I am seeing the expected type changes at runtime. Is this with your monogam policy? _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
