Fedora Targeted List grows on Rawhide.
Daniel J Walsh
dwalsh at redhat.com
Mon Dec 20 20:09:39 UTC 2004
I have added several targets to Targeted Policy as of
I am attempting to add most of the network daemons to targeted. In
order to experiment with this new
policy file, you will need to relabel. Or you can just relabel the
target you are interested in.
The best way to do this is install the policy and then execute
rpm -q -l TARGETRPM | restorecon -R -f -
amanda.te apache.te cups.te dhcpd.te dictd.te dovecot.te fingerd.te
ftpd.te howl.te i18n_input.te inetd.te innd.te kerberos.te ktalkd.te
ldconfig.te lpd.te mailman.te modutil.te mta.te mysqld.te named.te
nscd.te ntpd.te portmap.te postgresql.te privoxy.te radius.te radvd.te
rpcd.te rshd.te rsync.te samba.te slapd.te snmpd.te spamd.te squid.te
stunnel.te syslogd.te tftpd.te winbind.te ypbind.te ypserv.te zebra.te
This is not a commitment for this list in FC4, some could be pulled if
they don't work well :*).
The goal of targeted policy is to protect all network daemons and to
allow userspace to run with normal privs. You still need strict
policy to confine userspace.
More information about the fedora-selinux-list