local.te (was Re: avc: denied { ioctl }?
Craig
cs007fc at wowway.com
Wed Jun 8 21:02:18 UTC 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Valdis.Kletnieks at vt.edu wrote:
| On Wed, 08 Jun 2005 09:28:20 CDT, Hongwei Li said:
|
|
|>but no local.te. I don't see it under domain/program/ either. Then, what
|>file should I run the above command to?
|
|
| You don't have a domain/program/local.te yet because you haven't done any local
| changes to ruleset yet. Go ahead and create it if you decide to 'dontaudit' that
| one avc.
|
| Question to the list: Should the Fedora RPM ship a one-line local.te that
| says '# Put your local stuff here', and flag it as a config file so RPM will
| DTRT with it?
Although it would seem unnecessary, I think it is an excellent idea. There are a
lot of people, even some IT/IS Admins, using(trying) fedora that are totally
unfamiliar with Unix-like systems let alone SE Linux and it would be extremely
reassuring and preferable to them to edit an existing file than to create one
from scratch.
Craig
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
iD8DBQFCp1za6XcoldzZ4rgRAj8aAKDXE5ylv+E5IZRQ/BoBGBfnMaYxGgCggNv5
2sl01XEDZpTSy6BOAut0ZxQ=
=HaVi
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cs007fc.vcf
Type: text/x-vcard
Size: 2146 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20050608/46e7c55f/attachment.vcf>
More information about the fedora-selinux-list
mailing list