selinux January 2010 archive
Main Archive Page > Month Archives  > selinux archives
selinux: Re: /dev on tmpfs. How to label?

Re: /dev on tmpfs. How to label?

From: AlannY <m_at_nospam>
Date: Thu Jan 28 2010 - 13:55:26 GMT
To: Stephen Smalley <sds@tycho.nsa.gov>


On Thu, Jan 28, 2010 at 08:29:18AM -0500, Stephen Smalley wrote:
> Most distros do that these days, and it works fine in Fedora, for
> example.
>
> The technique used in Fedora is to run restorecon -R /dev from
> rc.sysinit to set the contexts on the /dev nodes set up before the
> policy load, and udev is already SELinux-aware (if built with SELinux
> support enabled) and should label any dynamically created nodes
> appropriately once SELinux policy has loaded.

Ok. I've built udev --with-selinux and it seems now I have a good context (or maybe right?).

Well, my Controlling term: user_u:object_r:user_tty_device_t:s0. Is it normal? -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.