Re: pam_namespace context inside of name.inst

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Dominick Grift <domg472@gmail.com>
To: selinux@tycho.nsa.gov
Subject: Re: pam_namespace context inside of name.inst
Date: Sun, 27 Sep 2009 15:13:08 +0200	[thread overview]
Message-ID: <20090927131307.GA4502@notebook2.grift.internal> (raw)
In-Reply-To: <dd18b0c30909262312l1c5a82dfxf9270ecc33b9d64a@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 1305 bytes --]

On Sat, Sep 26, 2009 at 11:12:20PM -0700, Justin Mattock wrote:
> I'm going crazy over here trying to figure
> out how one system created a context inside
> name.inst one way and another for the other system:
> 
> the first system has inside of
> name.inst:
> system_u:object_r:file_t_name

This is wrong because the fs wasnt labelled properly
> 
> and on the other system I have:
> 
> name:object_r:user_home_dir_t_name

This is right

> the only difference with the machines is one machine
> had not been labeled yet, before turning on namespace.
> 
> what should be the right context directory inside of
> name.inst?

Depends, i think theres 3 different possibilities (not sure)

first theres only name (no selinux) which create a dir with the user name
second is context which create a dir with the context of the usre home dir (user_home_dir_t and appends the user name
third is level , which creates a dir with the context of the user home dir and appends the username and also appends the level of the dir.

> -- 
> Justin P. Mattock
> 
> --
> This message was distributed to subscribers of the selinux mailing list.
> If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
> the words "unsubscribe selinux" without quotes as the message.

[-- Attachment #2: Type: application/pgp-signature, Size: 197 bytes --]

next prev parent reply	other threads:[~2009-09-27 13:13 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2009-09-27  6:12 pam_namespace context inside of name.inst Justin Mattock
2009-09-27 13:13 ` Dominick Grift [this message]
2009-09-27 15:14   ` Justin P. Mattock
2009-09-27 16:05     ` Dominick Grift
2009-09-27 17:51       ` Justin Mattock
2009-09-27 22:45       ` Justin P. Mattock

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20090927131307.GA4502@notebook2.grift.internal \
    --to=domg472@gmail.com \
    --cc=selinux@tycho.nsa.gov \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.