On 04/18/2017 01:15 AM, Dominick Grift wrote:
acme_nss_t needs to be associate with "can_change_object_identity" to
be able to change the object identity from system_u to unconfined_u
typeattribute acme_nss_t can_change_object_identity;
or the appropriate macro:
domain_obj_id_change_exemption(acme_nss_t)
Excellent, thank you!
But there is no need to change the object identity in the first
place, system_u will do fine.
I'll have to think about this. I'm actually copying a directory tree
from one place to another and copying the context from the source to
destination with getfilecon() and setfilecon().
What APIs should I use if I *only* wanted to copy the type?
--
========================================================================
Ian Pilcher [email protected]
-------- "I grew up before Mark Zuckerberg invented friendship" --------
========================================================================
_______________________________________________
Selinux mailing list
[email protected]
To unsubscribe, send email to [email protected].
To get help, send an email containing "help" to [email protected].
