|

»

»

»

Fedora SELinux List

Need Info adding\editing to a personal module?

View: New views

3 Messages — Rating Filter: Alert me

	Need Info adding\editing to a personal module? by Frank Murphy-4 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Examples only: If exim gave an avc denial. 1: Create policy. audit2allow -M myexim < /var/log/audit/audit.log then enable it. semodule -i myexim.pp 2: If then in a couple of days exim generates another avc denial, different from the first. How does one edid\use audid2allow to include the new avc. Have looked at "man audit2allow" and can't seem to grasp an edit from the options. Frank -- gpg id EB547226 Revoked Forgot Password :( aMSN: Frankly3D http://www.frankly3d.com -- fedora-selinux-list mailing list fedora-selinux-list@... https://www.redhat.com/mailman/listinfo/fedora-selinux-list
	Re: Need Info adding\editing to a personal module? by Murray McAllister :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Frank Murphy wrote: > Examples only: > > > If exim gave an avc denial. > > 1: Create policy. > audit2allow -M myexim < /var/log/audit/audit.log > > then enable it. > semodule -i myexim.pp > > 2: If then in a couple of days exim generates another avc denial, > different from the first. > > How does one edid\use audid2allow to include the new avc. > > Have looked at "man audit2allow" and can't seem to grasp an edit from > the options. > > Frank > On the day that it generates another denial, you could try something like: /sbin/ausearch -m avc -ts today \| grep x \| audit2allow -M myexim2;/usr/sbin/semodule -i myexim2.pp Where "x" is the domain, such as "httpd_t" for Apache. It is probably best to run "/sbin/ausearch -m avc -ts today \| grep x" first, to make sure you get the results you want. Cheers. -- fedora-selinux-list mailing list fedora-selinux-list@... https://www.redhat.com/mailman/listinfo/fedora-selinux-list
	Re: Need Info adding\editing to a personal module? by Daniel J Walsh :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frank Murphy wrote: > Examples only: > > > If exim gave an avc denial. > > 1: Create policy. > audit2allow -M myexim < /var/log/audit/audit.log > > then enable it. > semodule -i myexim.pp > > 2: If then in a couple of days exim generates another avc denial, > different from the first. > > How does one edid\use audid2allow to include the new avc. > > Have looked at "man audit2allow" and can't seem to grasp an edit from > the options. > > Frank > You've been blogged. http://danwalsh.livejournal.com/24750.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkjjeLcACgkQrlYvE4MpobPtJwCfSBpjyX4XSZYKQt2hZ40oRIoK byQAn3nHH28XUC77lg/O8B4G3sX/UQ90 =IkZx -----END PGP SIGNATURE----- -- fedora-selinux-list mailing list fedora-selinux-list@... https://www.redhat.com/mailman/listinfo/fedora-selinux-list

LightInTheBox - Buy quality products at wholesale price!