SE Linux policy
Russell Coker
russell at coker.com.au
Sat Apr 24 12:23:10 UTC 2004
On Fri, 23 Apr 2004 06:23, Krzysztof Mazurczyk <kmazurczyk at wskiz.poznan.pl>
wrote:
> I have started playing with new SE Linux. I have it already running.
> BTW minor question: There are messages in log that /sbin/unix_verify
> is denied to do something. System is seemed to work well. Because
> /sbin/unix_verify is from libpam-modules I'm not sure what to do -
> ignore or add some rules to policy for /sbin/unix_verify.
What access is denied?
> I can run user-mode-linux from my shell but I need to run UML when main
> system boots. UML should generaly run via nohup program in background
> mode. My main question is how to that.
The following is the start of what is needed for a first cut at it. Try it
and let me know how it goes.
domain_auto_trans(initrc_t, uml_exec_t, sysadm_uml_t)
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
More information about the fedora-selinux-list
mailing list