Old 09-30-2008, 09:24 AM
Frank Murphy
 
Need Info adding/editing to a personal module?

Examples only:


If exim gave an avc denial.

1: Create policy.
audit2allow -M myexim < /var/log/audit/audit.log

then enable it.
semodule -i myexim.pp

2: If then in a couple of days exim generates another avc denial,
different from the first.

How does one edit/use audit2allow to include the new avc.

Have looked at "man audit2allow" and can't seem to grasp an edit from
the options.

Frank

--
gpg id EB547226 Revoked Forgot Password
aMSN: Frankly3D
http://www.frankly3d.com

--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 
Old 10-01-2008, 02:01 AM
Murray McAllister
 

Frank Murphy wrote:
> Examples only:
>
>
> If exim gave an avc denial.
>
> 1: Create policy.
> audit2allow -M myexim < /var/log/audit/audit.log
>
> then enable it.
> semodule -i myexim.pp
>
> 2: If then in a couple of days exim generates another avc denial,
> different from the first.
>
> How does one edit/use audit2allow to include the new avc.
>
> Have looked at "man audit2allow" and can't seem to grasp an edit from
> the options.
>
> Frank


On the day that it generates another denial, you could try something like:

/sbin/ausearch -m avc -ts today | grep x | audit2allow -M myexim2; /usr/sbin/semodule -i myexim2.pp


Where "x" is the domain, such as "httpd_t" for Apache. It is probably
best to run "/sbin/ausearch -m avc -ts today | grep x" first, to make
sure you get the results you want.


Cheers.

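An added example, not part of the original thread: the "grep x" step above matches any line containing the string, including denials where the type is only the target or a longer type name such as exim_tmp_t, so this sketch keeps only denials whose source (scontext) type is exactly the domain and summarises them for review before anything reaches audit2allow. The function names avc_for_domain, avc_summary and sample_avc are hypothetical, and the log lines are constructed sample data.

```shell
#!/bin/sh
# Added example. All log lines below are constructed sample data.

# Print only AVC denials whose *source* type (third field of scontext) is $1.
avc_for_domain() {
    awk -v dom="$1" '
        /avc:/ && / denied / {
            for (i = 1; i <= NF; i++)
                if ($i ~ /^scontext=/) {
                    split(substr($i, 10), ctx, ":")   # user:role:type:level
                    if (ctx[3] == dom) print
                }
        }'
}

# One line per distinct "target_type:class { perms }", for review before
# the same lines are handed to audit2allow.
avc_summary() {
    awk '{
        perms = $0; sub(/^.*[{] */, "", perms); sub(/ *[}].*$/, "", perms)
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^tcontext=/) { split(substr($i, 10), t, ":"); ttype = t[3] }
            if ($i ~ /^tclass=/)   tclass = substr($i, 8)
        }
        print ttype ":" tclass " { " perms " }"
    }' | sort -u
}

# Constructed sample: two exim_t denials plus two lines that a plain
# "grep exim_t" would also match (exim_t as target, and exim_tmp_t).
sample_avc() {
    cat <<'EOF'
type=AVC msg=audit(1222765440.101:41): avc:  denied  { read } for  pid=2211 comm="exim" name="aliases" dev=dm-0 ino=4101 scontext=system_u:system_r:exim_t:s0 tcontext=system_u:object_r:etc_mail_t:s0 tclass=file
type=AVC msg=audit(1222765441.202:42): avc:  denied  { signal } for  pid=2300 comm="logrotate" scontext=system_u:system_r:logrotate_t:s0 tcontext=system_u:system_r:exim_t:s0 tclass=process
type=AVC msg=audit(1222765442.303:43): avc:  denied  { getattr } for  pid=2315 comm="procmail" path="/tmp/x" dev=dm-0 ino=4102 scontext=system_u:system_r:procmail_t:s0 tcontext=system_u:object_r:exim_tmp_t:s0 tclass=file
type=AVC msg=audit(1222765443.404:44): avc:  denied  { append } for  pid=2211 comm="exim" name="mainlog" dev=dm-0 ino=4103 scontext=system_u:system_r:exim_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=file
EOF
}

# Review step on the sample; on a real system the input would come from
# "/sbin/ausearch -m avc -ts today" instead of sample_avc.
sample_avc | avc_for_domain exim_t | avc_summary
```

Once the summary shows only accesses you intend to allow, the output of avc_for_domain can be piped to "audit2allow -M myexim2" in place of the grep in the command above.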
 
Old 10-01-2008, 01:18 PM
Daniel J Walsh
 


Frank Murphy wrote:
> Examples only:
>
>
> If exim gave an avc denial.
>
> 1: Create policy.
> audit2allow -M myexim < /var/log/audit/audit.log
>
> then enable it.
> semodule -i myexim.pp
>
> 2: If then in a couple of days exim generates another avc denial,
> different from the first.
>
> How does one edit/use audit2allow to include the new avc.
>
> Have looked at "man audit2allow" and can't seem to grasp an edit from
> the options.
>
> Frank
>
You've been blogged.

http://danwalsh.livejournal.com/24750.html
 
