On 03/02/2017 12:12 AM, Jason Zaman wrote:
On Wed, Mar 01, 2017 at 05:51:01PM -0600, Ian Pilcher wrote:
On 03/01/2017 05:28 PM, Ian Pilcher wrote:
Per Lennart's response, systemd *should* be honoring the file context
rules when creating the directory. It's almost as if the directory is
being created with the proper context, but something is changing it
after the fact. I have absolutely no idea what that might be, though.

Try using auditd to get details on everything going on in there:

    auditctl -w /var/run/squoxy -p rwa -k watchsquoxy

then start things up and get everything matching with:

    ausearch -k watchsquoxy

And wouldn't you know ... I can't reproduce the behavior now. Sheesh!
Must be one of these fancy new quantum computers. (Something about
rebooting 3 times comes to mind.)

Also, not sure if it was just weirdness in your email formatting, but
you don't need the ^ at the front of an fcontext:

    ^/var/run/squoxy

Does SELinux add an implicit ^ at the beginning of each expression?
Otherwise, wouldn't /run/squoxy(/.*)? also match /foo/run/squoxy? (Not
necessarily likely, but ...)
--
========================================================================
Ian Pilcher arequipeno@xxxxxxxxx
-------- "I grew up before Mark Zuckerberg invented friendship" --------
========================================================================
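
The audit-watch step suggested in the thread, taken one step further as an added example (not part of the original messages): a Python script that groups raw `ausearch -k watchsquoxy` records by event and lists which process made a successful setxattr-family call on the directory, under either spelling of the path used in the thread. The sample records, the `squoxy_var_run_t` type and the `example-helper` process are constructed for illustration; the syscall numbers are for x86_64.

```python
import re
from collections import defaultdict

# x86_64 syscall numbers: mkdir, plus the xattr writes through which a label is set.
SYSCALLS = {"83": "mkdir", "188": "setxattr", "189": "lsetxattr", "190": "fsetxattr"}
RELABEL = {"setxattr", "lsetxattr", "fsetxattr"}
EVENT_ID = re.compile(r"msg=audit\((\d+\.\d+):(\d+)\)")
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

# Constructed sample records; the label type and example-helper are hypothetical.
SAMPLE = """\
----
type=PATH msg=audit(1488411061.120:421): item=1 name="/run/squoxy" obj=system_u:object_r:squoxy_var_run_t:s0 nametype=CREATE
type=SYSCALL msg=audit(1488411061.120:421): arch=c000003e syscall=83 success=yes exit=0 pid=1 comm="systemd" exe="/usr/lib/systemd/systemd" key="watchsquoxy"
----
type=PATH msg=audit(1488411062.450:422): item=0 name="/var/run/squoxy" obj=system_u:object_r:squoxy_var_run_t:s0 nametype=NORMAL
type=SYSCALL msg=audit(1488411062.450:422): arch=c000003e syscall=188 success=yes exit=0 pid=812 comm="example-helper" exe="/usr/local/bin/example-helper" key="watchsquoxy"
----
type=PATH msg=audit(1488411063.010:423): item=0 name="/run/squoxy" obj=system_u:object_r:var_run_t:s0 nametype=NORMAL
type=SYSCALL msg=audit(1488411063.010:423): arch=c000003e syscall=189 success=no exit=-13 pid=900 comm="example-helper" exe="/usr/local/bin/example-helper" key="watchsquoxy"
"""

def parse_events(text):
    # Records that share a serial number (after the colon in msg=audit) form one event.
    events = defaultdict(lambda: {"paths": []})
    for line in text.splitlines():
        m = EVENT_ID.search(line)
        if not (m and line.startswith("type=")):
            continue  # skip "----" separators and anything that is not a record
        f = {k: v.strip('"') for k, v in FIELD.findall(line)}
        ev = events[int(m.group(2))]
        if f["type"] == "SYSCALL":
            ev.update({k: f.get(k) for k in ("comm", "exe", "success", "key")})
            ev["syscall"] = SYSCALLS.get(f.get("syscall"), f.get("syscall"))
        elif f["type"] == "PATH":
            ev["paths"].append((f.get("name"), f.get("obj")))
    return dict(events)

def relabel_events(events, paths=("/var/run/squoxy", "/run/squoxy"), key="watchsquoxy"):
    hits = []
    for serial, ev in sorted(events.items()):
        if (ev.get("key") == key and ev.get("syscall") in RELABEL
                and ev.get("success") == "yes"
                and any(name in paths for name, _ in ev["paths"])):
            hits.append((serial, ev["comm"], ev["exe"], ev["syscall"]))
    return hits

if __name__ == "__main__":
    for serial, comm, exe, syscall in relabel_events(parse_events(SAMPLE)):
        print(f"event {serial}: {syscall} by {comm} ({exe})")
```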