If I understand well, I could add a type to another type?!?!?! If that is the case, I did not know about it.... like many things in the SELinux world. It is so complex and so badly documented. :-(
On Tue, Jul 5, 2016 at 1:24 PM, Александр Кириллов nevis2us@infoline.su wrote:
Александр Кириллов писал 2016-07-05 19:58:
I need to have the tftpdir_rw_t and samba_share_t SELinux context on
the same directory.
How can we do this? Is it feasible to have more than one SELinux context?
I don't think it's possible/feasible. You'd probably need to add a new type and necessary rules to your local policy. Or add missing allow rules to an existing type (tftpdir_rw_t or samba_share_t). Or use audit2allow to add necessary allow rules to an existing type. Any of the above could be a major PITA.
Some links and commands which might be useful if you really need this done:
http://fedoraproject.org/wiki/PackagingDrafts/SELinux#Creating_new_types
# sesearch --help # sesearch --allow -t samba_share_t # sesearch --allow -t tftpdir_rw_t
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos