Stephen Smalley wrote:
> On Wed, 2007-08-01 at 08:29 -0400, Stephen Smalley wrote:
>   
>> On Tue, 2007-07-31 at 16:57 -0400, Daniel J Walsh wrote:
>>     
>>> Joshua Brindle wrote:
>>>       
>>>> Daniel J Walsh wrote:
>>>>         
>>>>> cat /tmp/test.py
>>>>> #!/usr/bin/python
>>>>> from semanage import *
>>>>> sh = semanage_handle_create()
>>>>> rc, con = semanage_context_from_string(sh, "<<none>>")
>>>>> rc,fcontext = semanage_fcontext_create(sh)
>>>>> semanage_fcontext_set_con(sh, fcontext, con)
>>>>>
>>>>>
>>>>> # python /tmp/test.py
>>>>> Segmentation fault
>>>>>           
>>>> Granted the segfault needs to be fixed but what exactly are you trying 
>>>> to accomplish? <<none>> is not a type, its just something matchpathcon 
>>>> uses to short circuit its labeling behavior.
>>>>
>>>>         
>>> I have a request from someone who wants to setup a directory that 
>>> shortcuts the labeling behaviour.  IE wants restorecon and friends to do 
>>> nothing in the directory.
>>>       
>> libsemanage maps a NULL context to <<none>>.
>>     
>
> Also, you never did a semanage_context_create() in the above.
>
>   

rc, con = semanage_context_from_string(sh, "<<none>>")
Should do the same, well at least

rc, con = semanage_context_from_string(sh, "system_u:object_r:etc_t")

Should


Anyways I worked on this a little further,  I now have creation working and modification partially working.

I can create a <<none>> entry as described in a previous mail, and I can modify it to a normal context.  But I have 
no way of modifying a normal context to a <<none>> without deleting and recreating the entry.

                       rc = semanage_fcontext_set_con(self.sh, fcontext, None)

Segfaults.

Attached patch has the relevant changes to seobject.py