[prev in list] [next in list] [prev in thread] [next in thread] 

List:       selinux
Subject:    File context not applied due to regex ordering
From:       Laurent Bigonville <bigon () debian ! org>
Date:       2013-03-21 11:32:56
Message-ID: 20130321123256.198ba5b6 () soldur ! bigon ! be
[Download RAW message or body]

Hello,

I remember that I already talk about this on IRC a while back, but I
don't remember if there was any outcome.

The refpolicy is containing the following filecontext:

/usr/(s)?bin/gdm(3)?    --      gen_context(system_u:object_r:xdm_exec_t,s0)

But for some reasons /usr/sbin/gdm3 is labeled on disk as bin_t instead
of xdm_exec_t. matchpathcon is giving me this:

/usr/bin/gdm	system_u:object_r:xdm_exec_t:SystemLow
/usr/bin/gdm3	system_u:object_r:xdm_exec_t:SystemLow
/usr/sbin/gdm	system_u:object_r:bin_t:SystemLow
/usr/sbin/gdm3	system_u:object_r:bin_t:SystemLow

Changing the regex to /usr/s?bin/gdm(3)? fix the issue.

Shouldn't this be fixed in the userspace libraries?

Cheers

Laurent Bigonville

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
[prev in list] [next in list] [prev in thread] [next in thread]