All of lore.kernel.org
 help / color / mirror / Atom feed
* A question about genhomedircon
@ 2009-11-20 18:52 Manoj Srivastava
  2009-11-20 19:51 ` Manoj Srivastava
  2009-11-20 20:11 ` Christopher J. PeBenito
  0 siblings, 2 replies; 5+ messages in thread
From: Manoj Srivastava @ 2009-11-20 18:52 UTC (permalink / raw)
  To: selinux

Hi,

        Looking at policycoreutils-2.0.77/scripts/genhomedircon, I see:
--8<---------------cut here---------------start------------->8---
#!/bin/sh
/usr/sbin/semodule -Bn
--8<---------------cut here---------------end--------------->8---

        Looking at the man page for semodule, it says:
--8<---------------cut here---------------start------------->8---
 -B, --build
        force a rebuild of policy (also reloads unless -n is used)
 -n,--noreload
        do not reload policy after commit
--8<---------------cut here---------------end--------------->8---

        Given that, it would seem that genhomedircon rebuilds, but does
 not reload policy. I would expect genhomedircon to generate SELinux
 file context configuration entries for user home directories, or
 something.

        What am I missing?

        manoj
-- 
Manoj Srivastava <srivasta@acm.org> <http://www.golden-gryphon.com/>  
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: A question about genhomedircon
  2009-11-20 18:52 A question about genhomedircon Manoj Srivastava
@ 2009-11-20 19:51 ` Manoj Srivastava
  2009-11-20 20:11 ` Christopher J. PeBenito
  1 sibling, 0 replies; 5+ messages in thread
From: Manoj Srivastava @ 2009-11-20 19:51 UTC (permalink / raw)
  To: selinux

Hi,
On Fri, Nov 20 2009, Manoj Srivastava wrote:

>         Looking at policycoreutils-2.0.77/scripts/genhomedircon, I see:
> #!/bin/sh
> /usr/sbin/semodule -Bn
>         Looking at the man page for semodule, it says:
>  -B, --build
>         force a rebuild of policy (also reloads unless -n is used)
>  -n,--noreload
>         do not reload policy after commit
>         Given that, it would seem that genhomedircon rebuilds, but does
>  not reload policy. I would expect genhomedircon to generate SELinux
>  file context configuration entries for user home directories, or
>  something.
>
>         What am I missing?

        I also note that there used to be a man page (see
 http://linux.die.net/man/8/genhomedircon  for the old contents) that
 also seems to have gone away.

        manoj
-- 
Manoj Srivastava <srivasta@acm.org> <http://www.golden-gryphon.com/>  
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: A question about genhomedircon
  2009-11-20 18:52 A question about genhomedircon Manoj Srivastava
  2009-11-20 19:51 ` Manoj Srivastava
@ 2009-11-20 20:11 ` Christopher J. PeBenito
  2009-11-28  2:18   ` Manoj Srivastava
  1 sibling, 1 reply; 5+ messages in thread
From: Christopher J. PeBenito @ 2009-11-20 20:11 UTC (permalink / raw)
  To: Manoj Srivastava; +Cc: selinux

On Fri, 2009-11-20 at 12:52 -0600, Manoj Srivastava wrote:
> Hi,
> 
>         Looking at policycoreutils-2.0.77/scripts/genhomedircon, I see:
> --8<---------------cut here---------------start------------->8---
> #!/bin/sh
> /usr/sbin/semodule -Bn
> --8<---------------cut here---------------end--------------->8---
> 
>         Looking at the man page for semodule, it says:
> --8<---------------cut here---------------start------------->8---
>  -B, --build
>         force a rebuild of policy (also reloads unless -n is used)
>  -n,--noreload
>         do not reload policy after commit
> --8<---------------cut here---------------end--------------->8---
> 
>         Given that, it would seem that genhomedircon rebuilds, but does
>  not reload policy. I would expect genhomedircon to generate SELinux
>  file context configuration entries for user home directories, or
>  something.
> 
>         What am I missing?

Theres no need to reload the policy, as the policy isn't changing.  It
does, however, regenerate the file contexts, including the home dir
contexts.


-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150



--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: A question about genhomedircon
  2009-11-20 20:11 ` Christopher J. PeBenito
@ 2009-11-28  2:18   ` Manoj Srivastava
  2009-12-01 22:51     ` Daniel J Walsh
  0 siblings, 1 reply; 5+ messages in thread
From: Manoj Srivastava @ 2009-11-28  2:18 UTC (permalink / raw)
  To: selinux

On Fri, Nov 20 2009, Christopher J. PeBenito wrote:


> Theres no need to reload the policy, as the policy isn't changing.  It
> does, however, regenerate the file contexts, including the home dir
> contexts.

        So the behaviour has not changed? In which case, can we bring
 back the  man page for the command?

        manoj
-- 
Manoj Srivastava <srivasta@acm.org> <http://www.golden-gryphon.com/>  
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: A question about genhomedircon
  2009-11-28  2:18   ` Manoj Srivastava
@ 2009-12-01 22:51     ` Daniel J Walsh
  0 siblings, 0 replies; 5+ messages in thread
From: Daniel J Walsh @ 2009-12-01 22:51 UTC (permalink / raw)
  To: selinux

On 11/27/2009 09:18 PM, Manoj Srivastava wrote:
> On Fri, Nov 20 2009, Christopher J. PeBenito wrote:
> 
> 
>> Theres no need to reload the policy, as the policy isn't changing.  It
>> does, however, regenerate the file contexts, including the home dir
>> contexts.
> 
>         So the behaviour has not changed? In which case, can we bring
>  back the  man page for the command?
> 
>         manoj
Sounds good to me.

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

^ permalink raw reply	[flat|nested] 5+ messages in thread
end of thread, other threads:[~2009-12-01 22:51 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2009-11-20 18:52 A question about genhomedircon Manoj Srivastava
2009-11-20 19:51 ` Manoj Srivastava
2009-11-20 20:11 ` Christopher J. PeBenito
2009-11-28  2:18   ` Manoj Srivastava
2009-12-01 22:51     ` Daniel J Walsh

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.