http://people.fedoraproject.org/~dwalsh/SELinux/F11/apps_livecd.patch
Policy for the livecd command, allows the creation of images for
different OS Versions then the host machine.
On Thu, 2009-05-21 at 09:55 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F11/apps_livecd.patch
>
> Policy for the livecd command, allows the creation of images for
> different OS Versions then the host machine.
I don't understand why this needs its own policy.
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
On 07/21/2009 10:11 AM, Christopher J. PeBenito wrote:
> On Thu, 2009-05-21 at 09:55 -0400, Daniel J Walsh wrote:
>> http://people.fedoraproject.org/~dwalsh/SELinux/F11/apps_livecd.patch
>>
>> Policy for the livecd command, allows the creation of images for
>> different OS Versions then the host machine.
>
> I don't understand why this needs its own policy.
>
livecd policy is used to allow it to apply labels that the host machine does not understand. So if I am running livecd on a F10 box, and I want to build a livecd for F11, livecd will write context that F10 does not understand. It should be the only process allowed to write these labels.
seutil_domtrans_setfiles_mac(livecd_t)
Is the key.