Query regarding booleans
Stephen Smalley
sds at tycho.nsa.gov
Thu Feb 5 17:56:45 UTC 2009
On Wed, 2009-02-04 at 21:18 -0800, Deependra Singh Shekhawat wrote:
>
> Greetings,
>
>
>
> I have written a selinux policy in fedora which actually have a
> boolean declared within the policy and when the boolean is on some
> allow rules are written which actually come into picture. But if the
> boolean is off the SELinux denial message doesn't suggest the user to
> actually switch on the boolean. I have seen in the normal case with
> the default booleans this is not the case and the denial actually
> suggest the user to switch on the boolean. I believe I need to do
> something more then what I am currently doing that's why I am asking
> here.
>
>
>
> Can you suggest me anything regarding this ?
If you feed the denial message to audit2why, does it suggest changing
the boolean?
--
Stephen Smalley
National Security Agency
More information about the fedora-selinux-list
mailing list