need help for local.te
Hongwei Li
hongwei at wustl.edu
Fri May 19 14:58:10 UTC 2006
Hi,
I need help about local.te. My system:
kernel: 2.6.16-1.2111_FC5smp
selinux-policy-targeted: 2.2.38-1.fc5
audit: 1.1.5-1
sendmail: 8.13.6-0.FC5.1
squirrelmail: 1.4.6-5.fc5
When I try to create an email folder in squirrelmail, I got Error. So, I run
the following to create my local.te and add my module. Here are what I run
and get:
# audit2allow -M local < /var/log/audit/audit.log
Generating type enforcment file: local.te
Compiling policy
checkmodule -M -m -o local.mod local.te
semodule_package -o local.pp -m local.mod
******************** IMPORTANT ***********************
In order to load this newly created policy package into the kernel,
you are required to execute
semodule -i local.pp
# ls -l
total 40
-rw-r--r-- 1 root root 2448 May 19 09:46 local.mod
-rw-r--r-- 1 root root 2464 May 19 09:46 local.pp
-rw-r--r-- 1 root root 733 May 19 09:46 local.te
# semodule -i local.pp
libsepol.check_assertion_helper: assertion on line 0 violated by allow httpd_t
shadow_t:file { read };
libsepol.check_assertions: 1 assertion violations occured
libsemanage.semanage_expand_sandbox: Expand module failed
semodule: Failed!
How to solve the problem?
Thanks!
Hongwei
More information about the fedora-selinux-list
mailing list