Friday 22 February 2008

Description of an issue that I have.

I usually patch selinux-policy packages. Recently I added 3 modules, 2 application domains: xchat, ut2004 and 1 user domain: myuserdomain.

Both application domains get called in the user domain's local policy.

I have added a boolean to both application domains' per-role-template: domain_confine_$1, which will let authority toggle whether the user domain should transition to the application domain or not.

One day I was using a confined xchat instance, and in that same session (in another role and as another user) I updated my system and updated to a new upstream selinux-policy. This upstream policy does not include my custom modules.

And so my XChat instance instantly crashed. After upgrading the selinux-policy to my custom version I noticed that my xchat boolean had disappeared! However, my ut2004 boolean was still there.

I have tried uninstalling my modules, reverting to older upstream selinux-policies and reinstalling. The boolean is no longer there...

At the moment I am considering renaming my xchat policy and its declaration.
I would like to hear suggestions and comments.