FC5 seliux error trying to load local policy module

Stephen Smalley sds at tycho.nsa.gov
Mon Feb 26 18:55:20 UTC 2007


On Mon, 2007-02-26 at 13:41 -0500, Mark Haney wrote:
> I have selinux running on one of my servers and followed the FAQ on FC5 
> to build a local module that allows some scripts I"ve built to run 
> correct on this server.
> 
> However I'm encountering a problem.  When I try to run semodule -i 
> local.pp I get this:
> 
> > /usr/sbin/semodule -i local.pp
> > /usr/sbin/semodule:  Could not read file 'local.pp':
> 
> I've tried adding the path to the local.pp file, but it makes no 
> difference.  Has anyone else had this problem?

Likely a permission denial (check /var/log/audit/audit.log
or /var/log/messages for avc messages); semodule not being allowed to
take input from your home directory.  Try:
	# cp local.pp /usr/share/selinux/
	# semodule -i /usr/share/selinux/local.pp

Suggest using fedora-selinux-list in the future for these kinds of
questions.

-- 
Stephen Smalley
National Security Agency




More information about the fedora-list mailing list