Odd boolean in /etc/selinux/strict/booleans?
Ivan Gyurdiev
ivg2 at cornell.edu
Thu Mar 31 12:28:30 UTC 2005
On Thu, 2005-03-31 at 07:23 -0500, Ivan Gyurdiev wrote:
> > How come it's disable_games in strict/booleans, but disable_games_trans in the
> > policy?
>
> disable_games_trans is correct, the file's probably out of date.
>
> How come some of those booleans are set to 0 by default - doesn't
> that match the selinux policy? Is the booleans file supposed to
> override the src defaults? If so, shouldn't there be only 1s in that
> file (since the src defaults are all 0)?
>
> Also, the securitylevel app marks things "Changed" every time I toggle
> them. It seems like it would be better if it marked thigs back to
> "Unchanged" when I toggled them back, to prevent it from writing out
> every random thing I toggle into booleans.local, whether or not I change
> it back to where it was.
>
> Also, my old booleans file went to booleans.rpmsave. Does that mean that
> my booleans will be reset upon reboot? If so, should the %post script do
> something about that to address upgrade path from FC3->FC4?
Also, should the post script remove nonexistent booleans from
booleans.local upon upgrade?
--
Ivan Gyurdiev <ivg2 at cornell.edu>
Cornell University
More information about the fedora-selinux-list
mailing list