Hello, Currently in the refpolicy unconfined users can transition to the rpm_t (and then to rpm_script_t) domain when using the rpm commands.
On the other hand, the transition is not allowed for unconfined users to transition to dpkg_t. Shouldn't also be the case? I can propose a patch if you want, but I prefer to ask first as I know there are some discussion about transitioning users out of the unconfined domain. Also, since 1.17.0, dpkg is transitioning maintainer scripts to the dpkg_script_t domain. Unfortunately the dpkg-reconfigure script (which is in perl) is not doing so. An idea how this should be done? I've opened [0] is somebody is interested. Cheers, Laurent Bigonville [0] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732845 _______________________________________________ SELinux-devel mailing list SELinux-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/selinux-devel