httpd controls ?
hongwei at wustl.edu
Wed Mar 30 15:47:41 UTC 2005
>> 2. If it is safe, how do I persuade selinux to let it happen?
> Look into use of the audit2allow utility for converting denied
> messages into rules that allow the behavior that was denied. The the
> short of it is:
> # cd /etc/selinux/targeted/src
> # audit2allow -d -l -o domains/misc/local.te && make load
> Repeat until your script works and then clean up the local.te file's
> formatting (not necessary). The long of it (and a good read) is the
> Red Hat Enterprise Linux 4 SELinux Guide
> I'd suggest reading that, specifically section II before doing what
> I've suggested here to make sure you have a full understanding of
> what's going on.
I have a question about what you suggested. My system is working
normally, but I'd like to know more about audit2allow. My system (fc3,
selinux enforced, targeted) does not have src under /etc/selinux/targeted/
that has only: booleans contexts policy
and I could not find audit2allow, even from the web site you gave above.
Could you provide more information about it? or any links?
More information about the fedora-selinux-list