On 01/03/2017 01:33 PM, Dominik 'Rathann' Mierzejewski wrote:
On Tuesday, 03 January 2017 at 13:18, Ralf Corsepius wrote:
On 01/03/2017 11:53 AM, Martin Gansser wrote:
i am the package maintainer of boomaga and users told me that
there is a problem with access rights, when writing to ~/.cache
directory.
A selinux package already exists for testing in:
https://martinkg.fedorapeople.org/Review/test/boomaga/
And a bugzilla bug report also exists:
https://bugzilla.redhat.com/show_bug.cgi?id=1409115
Bugreport on the boomaga developer site:
https://github.com/Boomaga/boomaga/issues/43
Can someone help to write the correct selinux rules ?
Well, rpms are not suppose to touch anything below $HOME at all.
I.e. $HOME rsp. ~/ is out of rpm's (and SELinux's) business
While the above is correct for rpm, SELinux does have business in
protecting $HOME. Just run ls -lZ in your home directory and see
for yourself. For example, ~/public_html has httpd_user_content_t
context, ~/bin has home_bin_t, ~/.config has config_home_t, etc.
Jikes, what a messy design!
People seem to have forgotten that homes are completely out of a
distro's control. They are not guaranteed to be on a local filesystem or
on an SELinux-enabled filesystem and are not standardized by any
standard ....
Ralf
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
