Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 544598 - /usr/sbin/selocal: allow .te files in ~/.selocal to be symlinked
Summary: /usr/sbin/selocal: allow .te files in ~/.selocal to be symlinked
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: SELinux (show other bugs)
Hardware: All Linux
: Low enhancement (vote)
Assignee: SE Linux Bugs
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-03-26 20:20 UTC by Ondrej Famera
Modified: 2015-08-24 05:27 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments
patch for /usr/sbin/selocal (selocal.patch,864 bytes, patch)
2015-03-26 20:20 UTC, Ondrej Famera
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Ondrej Famera 2015-03-26 20:20:46 UTC
Created attachment 399834 [details, diff]
patch for /usr/sbin/selocal

Because selocal uses command 'mv' after invoking build of module it is not possible to symlink .te files. I have attached simple patch that solves this issue and allows to have symlinks like this: ~/.selocal/my_module.te -> /target/of/symlink.
Comment 1 Jason Zaman gentoo-dev 2015-07-04 12:45:35 UTC
+  04 Jul 2015; Jason Zaman <perfinion@gentoo.org>
+  +policycoreutils-2.4-r1.ebuild, policycoreutils-9999.ebuild:
+  bump of policycoreutils-extra, fixes bugs 544598, 517456, 517450
Comment 2 Ondrej Famera 2015-08-23 10:29:53 UTC
Thanks, works for me in policycoreutils-2.4-r1.ebuild, test below.

selocal -m test -a "some selinux rule"
mv /root/.selocal/test.te /root/repo/
ln -s /root/repo/test.te /root/.selocal/test.te
selocal -m test -a "another selinux rule"

=< policycoreutils-2.4
ls -l /root/.selocal/test.te
/root/.selocal/test.te

= policycoreutils-2.4-r1
ls -l /root/.selocal/test.te
/root/.selocal/test.te -> /root/repo/test.te
Comment 3 Jason Zaman gentoo-dev 2015-08-24 05:27:56 UTC
Great, thanks for testing.