about a new policy file in SELinux!
Sajed Miremadi
miremadi at ce.sharif.edu
Thu Aug 5 05:52:25 UTC 2004
Thanx a lot,
> On Thu, 2004-08-05 at 00:31 +0430, Sajed Miremadi wrote:
>> Hi,
>>
>> I have asked this question several times before but haven't got the
>> answer
>> I really want.
>> I'll ask it again but more clearly:
>> Does anybody ever write a new policy file except those which is defult
>> in
>> selinux(I mean those in
>> /etc/security/selinux/src/policy/domains/program).
>
> Yes, of course.
>
>> When I say a policy file I mean the files with ".te". For example there
>> are some for "ping","innd","tcpdump" and ... .
>> If someone has a .te file with this condition, I would be very glad if
>> he/she could send me that.
>
> Every time someone posts a new .te file to selinux at tycho.nsa.gov, like
> Russell's postgrey policy, they are in that condition.
So where can I get the .te files that are sent to selinux at tycho.nsa.gov?
>
> I think the problem you are running into is that you need a .fc file
> corresponding to each .te file in order for the .te file to be enabled.
> For example, if you create domains/program/myprogram.te, you need to
> also create file_contexts/program/myprogram.fc.
Not actually,because I have created one for "who" command and added the
.fc file to but it doesn't work. So I really want a new .te file.
thanx again,
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> http://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
More information about the fedora-selinux-list
mailing list