Policy file for 'aide' and/or 'tripwire'?
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Mon May 3 18:02:54 UTC 2004
On Mon, 03 May 2004 02:45:39 +1000, Russell Coker said:
> On Wed, 28 Apr 2004 03:52, Valdis.Kletnieks at vt.edu wrote:
> > Has anybody already done a policy file for Tripwire or its
> > open-sourced replacement 'aide'?
>
> Why not run it in the domain backup_t? Tripwire and backup programs both need
> read access to all files..
Good hint - I'll have to chase that. Looks like it's almost but not quite what I
want - looks like a few lines of tweaking should suffice (I'm pretty sure that
can_network can be heaved over the side of the .te file, and I need other directories
labeled with backup_store_t in the .fc file).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20040503/3d4fd479/attachment.sig>
More information about the fedora-selinux-list
mailing list