Re: SELinux file context matching

2016-02-02 Thread Jason Zaman
On Tue, Feb 02, 2016 at 01:15:51PM -0500, Stephen Smalley wrote: > On 02/02/2016 12:48 PM, Mark Steele wrote: > > Hi list, > > > > I've got some file contexts setup for an application, and can't get the > > file context matching to work as I would expect. > > > > [root@dev1 policy]# cat > >

Re: SELinux file context matching

2016-02-02 Thread Stephen Smalley
On 02/02/2016 12:48 PM, Mark Steele wrote: Hi list, I've got some file contexts setup for an application, and can't get the file context matching to work as I would expect. [root@dev1 policy]# cat /etc/selinux/targeted/contexts/files/file_contexts | grep cinched /etc/cinched(/.*)?

Re: SELinux file context matching

2016-02-02 Thread Mike Palmiotto
On Tue, Feb 2, 2016 at 1:15 PM, Stephen Smalley wrote: > On 02/02/2016 12:48 PM, Mark Steele wrote: >> >> Hi list, >> >> I've got some file contexts setup for an application, and can't get the >> file context matching to work as I would expect. >> >> [root@dev1 policy]# cat >>

Re: SELinux file context matching

2016-02-02 Thread Mark Steele
Thanks guys, I forgot to check the _dist file, switching to /usr/lib did the trick. Cheers, Mark On Tue, Feb 2, 2016 at 1:31 PM, Mike Palmiotto < mike.palmio...@crunchydata.com> wrote: > On Tue, Feb 2, 2016 at 1:15 PM, Stephen Smalley wrote: > > On 02/02/2016 12:48 PM,

Re: genhomedircon uid template

2016-02-02 Thread Stephen Smalley
On 02/02/2016 01:26 AM, Jason Zaman wrote: On Mon, Feb 01, 2016 at 02:30:37PM -0500, Stephen Smalley wrote: On 02/01/2016 04:36 AM, Jason Zaman wrote: Hi all, XDG_RUNTIME_DIR is usually /run/user/$UID but there is no way to label that in an fcontext file. It used to be /run/user/USER which is

SELinux file context matching

2016-02-02 Thread Mark Steele
Hi list, I've got some file contexts setup for an application, and can't get the file context matching to work as I would expect. [root@dev1 policy]# cat /etc/selinux/targeted/contexts/files/file_contexts | grep cinched /etc/cinched(/.*)? system_u:object_r:ts_etc_t:s0 /var/log/cinched(/.*)?

Re: genhomedircon uid template

2016-02-02 Thread Christopher J. PeBenito
On 2/2/2016 1:26 AM, Jason Zaman wrote: > On Mon, Feb 01, 2016 at 02:30:37PM -0500, Stephen Smalley wrote: >> On 02/01/2016 04:36 AM, Jason Zaman wrote: >>> Hi all, >>> >>> XDG_RUNTIME_DIR is usually /run/user/$UID but there is no way to label >>> that in an fcontext file. It used to be