Security Enhanced Linux
What's New
Frequently Asked Questions
Background
Documents
License
Download
Participating
Mail List
Archives
Remaining Work
Contributors
Related Work
Press Releases
Information Assurance Research
NIARL In-house Research Areas
Mathematical Sciences Program
Sabbaticals
Computer & Information Sciences Research
Technology Transfer
Advanced Computing
Advanced Mathematics
Communications & Networking
Information Processing
Microelectronics
Other Technologies
Technology Fact Sheets
Publications
Related Links
|
SELinux Mailing ListRe: Multiple contexts
From: Thomas Bleher <bleher_at_informatik.uni-muenchen.de>
Date: Fri, 14 Jan 2005 00:17:49 +0100
This seems very useful. I have experimented a bit with this idea this evening; the resulting script is attached. It takes a policy.conf and outputs a new type (plus corresponding rules). The script is not perfect because it parses the policy.conf itself, but it should work for almost all file_types. You will still need policy sources, but you won't need to go through all sources to find the appropriate rules, the following should do the trick (not tested): # cd /etc/selinux/strict/src/policy # make policy.conf # createcon samba_httpd_content_t samba_share_t httpd_sys_content_t < policy.conf >> domains/misc/local.te # make reload Thomas -- http://www.cip.ifi.lmu.de/~bleher/selinux/ - my SELinux pages GPG-Fingerprint: BC4F BB16 30D6 F253 E3EA D09E C562 2BAE B2F4 ABE7Received on Thu 13 Jan 2005 - 18:17:47 EST |
|
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009 |