| Summary: | Make /var/lib/gentoo portage_var_lib_t (or similar) | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Sven Vermeulen (RETIRED) <swift> |
| Component: | SELinux | Assignee: | SE Linux Bugs <selinux> |
| Status: | CONFIRMED --- | ||
| Severity: | normal | ||
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | |||
| Bug Blocks: | 530912 | ||
|
Description
Sven Vermeulen (RETIRED)
2014-08-10 17:05:51 UTC
(In reply to Sven Vermeulen from comment #0) > Layman (running in portage_fetch_t) in some cases needs access to > /var/lib/gentoo/news (creating a lockfile). This location is currently > var_lib_t. how do you trigger this? > We probably need to make this its own file type, and then grant the proper > portage domains access to it. this already exists: /var/lib/portage(/.*)? gen_context(system_u:object_r:portage_cache_t,s0) perhaps just re-use portage_cache_t for /var/lib/gentoo too? |