search for: chronyd_t

Hi, the instructions for "Time Synchronisation - SELinux Labeling and Policy" on https://wiki.samba.org/index.php/Time_Synchronisation_-_SELinux_Labeling_and_Policy don't seem to work on CentOS 8. Using chrony I tried to adapt them (with very limited SELinux knowledge) like this: chcon -u system_u -t chronyd_exec_t /var/lib/samba/ntp_signd semanage fcontext -a -t chronyd_exec_t

hi, i want set selinux to usw with ntpd but when i run (as described in wiki) semanage -a -t ntpd_t "/usr/local/samba/var/lib/ntp_signd" i have that error " usage: semanage [-h] {import,export,login,user,port,ibpkey,ibendport,interface,module,node,fcontext,boolean,permissive,dontaudit} ... semanage: error: argument subcommand: invalid choice:

...changing the context of ntp_signd and probably have problems with Samba trying to create or write to it because it doesn't have the appropriate Samba context, Let chrony access the Samba labeled files with a SELinux module like: ====================== module local 1.0; require { type chronyd_t; type container_file_t; class sock_file write; class dir search; } allow chronyd_t container_file_t:dir search; allow chronyd_t container_file_t:sock_file write; ====================== Note: I use container_file_t because my Samba is containerized, but you should use samba_var_t s...

...ule -M -m -o local.mod local.te semodule_package -o local.pp -m local.mod semodule -i local.pp ==================== local.te ======================== module local 1.0; require { type ntpd_t; type <sign_socket_context>; class sock_file write; class dir search; } allow chronyd_t <sign_socket_context>:dir search; allow chronyd_t <sign_socket_context>:sock_file write; ======================================================