fedora-selinux March 2011 archive
Main Archive Page > Month Archives  > fedora-selinux archives
fedora-selinux: Re: [PATCH] Set SELinux context of host ssh keys

Re: [PATCH] Set SELinux context of host ssh keys correctly after reinstallation

From: Dominick Grift <domg472_at_nospam>
Date: Thu Mar 17 2011 - 17:50:14 GMT
To: cobbler-devel@lists.fedorahosted.org

https://fedorahosted.org/pipermail/cobbler-devel/2011-March/001950.html

I have been told that snippet discussed above is executed by anaconda.
Allow anaconda to run setfiles (restorecon) in the setfiles_t domain
so that it is allowed to restore contexts of all files even if the
unconfined module is disabled.

Signed-off-by: Dominick Grift <domg472@gmail.com>
--- :100644 100644 dd1522d... e2df760... M policy/modules/admin/anaconda.te policy/modules/admin/anaconda.te | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/policy/modules/admin/anaconda.te b/policy/modules/admin/anaconda.te index dd1522d..e2df760 100644 --- a/policy/modules/admin/anaconda.te +++ b/policy/modules/admin/anaconda.te @@ -27,6 +27,7 @@ libs_domtrans_ldconfig(anaconda_t) logging_send_syslog_msg(anaconda_t) seutil_domtrans_semanage(anaconda_t) +seutil_domtrans_setfiles(anaconda_t) seutil_domtrans_setsebool(anaconda_t) userdom_user_home_dir_filetrans_user_home_content(anaconda_t, { dir file lnk_file fifo_file sock_file }) -- 1.7.4

-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux