Security Enhanced Linux
What's New
Frequently Asked Questions
Background
Documents
License
Download
Participating
Mail List
Archives
Remaining Work
Contributors
Related Work
Press Releases
Information Assurance Research
NIARL In-house Research Areas
Mathematical Sciences Program
Sabbaticals
Computer & Information Sciences Research
Technology Transfer
Advanced Computing
Advanced Mathematics
Communications & Networking
Information Processing
Microelectronics
Other Technologies
Technology Fact Sheets
Publications
Related Links
|
SELinux Mailing Listlearning about policies/transitions
From: Serge Hallyn <serge.hallyn_at_gmail.com>
Date: Wed, 3 Nov 2004 10:45:30 -0600
I've been trying (on and off for some time) to get a very simple test policy working on a FC2 selinux system. I just want it to have the following types:
boot_d: default domain
The policy files are attached. I did checkpolicy -o basic.bin basic.pol cp basic.bin /etc/security/selinux/policy.17 (boot with selinux=0) setfiles basic.ctx / Doing these same steps with /etc/security/selinux/src/policy/policy.conf and /etc/security/selinux/src/policy/file_contexts/file_contexts results in a working selinux system. With my basic policy, though, boot_d will not transition to login_d on execution of /bin/login. ls -Z /bin/login shows that it is labeled as login_et. Since logging in doesn't work, I test by booting single user mode, and running
ps -Z
What am I missing in the policy that would enable this automatic domain transition to happen?
thanks,
-- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.Received on Wed 3 Nov 2004 - 11:45:42 EST |
|
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009 |