Re: SELinux log

[Ricardo Wurmus]

Laura Lazzati <address@hidden> writes:

> I added the lines to a copy of guix-daemon.cil which I got from cloning
> guix and placed it in root's home.

Which lines?  All of the changes I described were not necessarily ready
for inclusion.  They were all untested.

> Since everything was messy (/gnu had  d?????????? as permissions as well as
> all the fields listed with `ls -l`, and could not solve it, even trying to
> delete it ), I restored my VM to the point prior to adding the policy and
> loading the module.
> There i ran semodule, using the new file,  created the .autorelabel file
> and rebooted. It labeled everything, but I still can't run guix, and /gnu
> dir again ended with these weird permisions:
> d??????????   ? ?    ?        ?            ? gnu

This probably just means that there is no context permissions for “ls”
to access /gnu.  Another “allow” rule may be required to permit
read-only access on /gnu to any process.

--
Ricardo