[refpolicy] [PATCH 1/3] Add in substitutions for /usr/local

Christopher J. PeBenito cpebenito at tresys.com
Tue Jul 31 13:51:44 CDT 2012


On 07/28/12 13:06, Sven Vermeulen wrote:
> Translate any paths towards /usr/local as if they were to /usr.
> 
> Since the substitutions aren't chained together, we need to define the rules for
> the individual /usr/local/lib* directories as well.
> 
> Signed-off-by: Sven Vermeulen <sven.vermeulen at siphos.be>
> ---
>  config/file_contexts.subs_dist |    3 +++
>  1 files changed, 3 insertions(+), 0 deletions(-)
> 
> diff --git a/config/file_contexts.subs_dist b/config/file_contexts.subs_dist
> index 32b87a4..72a7a0f 100644
> --- a/config/file_contexts.subs_dist
> +++ b/config/file_contexts.subs_dist
> @@ -4,4 +4,7 @@
>  /run/lock /var/lock
>  /usr/lib32 /usr/lib
>  /usr/lib64 /usr/lib
> +/usr/local /usr

I'm reluctant to make this substitution.  From my experience, too many things don't seem follow this well.

> +/usr/local/lib32 /usr/lib
> +/usr/local/lib64 /usr/lib

I'd be more accepting of this change.

>  /var/run/lock /var/lock
> 


-- 
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com


More information about the refpolicy mailing list