-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 03/06/2014 10:39 AM, Les Mikesell wrote:
On Thu, Mar 6, 2014 at 8:02 AM, Daniel J Walsh dwalsh@redhat.com wrote:
setsebool -P zebra_write_config 1
Is there some global registration facility for selinux context names or are you the only one that knows them all?
Don't really know what you mean by that.
I mean, if different people make up new names for use in different new applications, what keeps them from colliding/conflicting when the packaged settings are later installed on the same computer?
getsebool -a
Will list all booleans
semanage boolean -l
Will list them with a short description.
All in the world, or all that have been created for currently installed packages? Is this as bad as rpm packaging where any two different sources are likely to conflict in name and/or contents?
Well we have not had this problem over the years, since most people upstream their policy. Right now if a customer installed a policy file which conflicted with the base policy, it will get overwritten. I guess if they did it will rpm then it would get you an RPM error/warning.