[CentOS] How to have more than on SELinux context on a directory

Wed Jul 6 11:30:46 UTC 2016
Bernard Fay <bernard.fay at gmail.com>

If I understand well, I could add a type to another type?!?!?!   If that is
the case, I did not know about it.... like many things in the SELinux
world. It is so complex and so badly documented.  :-(

On Tue, Jul 5, 2016 at 1:24 PM, Александр Кириллов <nevis2us at infoline.su>

> Александр Кириллов писал 2016-07-05 19:58:
>> I need to have the  tftpdir_rw_t  and  samba_share_t  SELinux context on
>>> the same directory.
>>> How can we do this? Is it feasible to have more than one SELinux context?
>> I don't think it's possible/feasible.
>> You'd probably need to add a new type and necessary rules to your local
>> policy.
>> Or add missing allow rules to an existing type (tftpdir_rw_t or
>> samba_share_t).
>> Or use audit2allow to add necessary allow rules to an existing type.
>> Any of the above could be a major PITA.
> Some links and commands which might be useful if you really need this done:
> http://fedoraproject.org/wiki/PackagingDrafts/SELinux#Creating_new_types
> # sesearch --help
> # sesearch --allow -t samba_share_t
> # sesearch --allow -t tftpdir_rw_t
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos