Re: make installworld, permissions and labels
From: markzero (mark_at_darklogik.org)
Date: 04/28/05
- Previous message: markzero: "make installworld, permissions and labels"
- Maybe in reply to: markzero: "make installworld, permissions and labels"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 28 Apr 2005 17:00:22 +0100 To: Tom Rhodes <trhodes@freebsd.org>
> On Thu, 28 Apr 2005 14:10:17 +0100
> markzero <mark@darklogik.org> wrote:
>
> > Just a quick question,
>
> Hey, I know you! You called me an ***! But it was funny. :)
Hehe, sorry about that. I was young and stupid. ;)
It's a small world isn't it?
> Anyway Mark,
>
> > My system is quite heavily customised with regard to permissions
> > and MAC labels on system binaries. Is there any way to stop
> > make installworld resetting all my customisation? At the moment
> > I have a set of scripts to set permissions on everything but that's
> > not exactly ideal.
>
> You can create a /etc/policy.contexts file, see the Handbook
> for my example. Then read this in using the setfsmac(1)
> command. Then edit /etc/mac.conf, while this really doesn't
> prevent the clobbering, it makes a quick permission setup.
> I would think that easier than a script.
Sounds interesting, I'll give it a try. If it works I can simply
make my script do the above at the end to fix the labels (instead
of reinventing the wheel like it does at the moment).
> Though, I'll bring this up with some of the other TrustedBSD
> developers. There should be a better way, in my opinion.
Thanks, Tom. Out of interest, how is TrustedBSD coming along? I
don't track -CURRENT and even in -STABLE there are still warnings
about apropriateness for production use. I find it pretty much does
all that I require (even if setting it up isn't the most enjoyable
of procedures!) but I'm always interested to know how things are
progressing.
Thanks,
Mark
-- PGP: http://www.darklogik.org/pub/pgp/pgp.txt B776 43DC 8A5D EAF9 2126 9A67 A7DA 390F DEFF 9DD1
- application/pgp-signature attachment: stored
- Previous message: markzero: "make installworld, permissions and labels"
- Maybe in reply to: markzero: "make installworld, permissions and labels"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
