need help for local.te

Kayvan A. Sylvan kayvan at sylvan.com
Sat May 20 01:30:37 UTC 2006


On Fri, May 19, 2006 at 12:13:15PM -0500, Hongwei Li wrote:
> 
> The problem is I need to re-do for local.te from time to time, and whenver I
> run (after rebooting)
> # audit2allow -M local < /var/log/audit/audit.log
> the line
> 
> allow httpd_t shadow_t:file { getattr read write };
> 
> is automatically added to local.te -- [...]
> How to fix the problem?

How about something like this?

audit2allow -l -i /var/log/audit/audit.log | grep -v shadow >> local.te

-- 
Kayvan A. Sylvan          | Proud husband of       | Father to my kids:
Sylvan Associates, Inc.   | Laura Isabella Sylvan, | Katherine Yelena (8/8/89)
http://sylvan.com/~kayvan | my beautiful Queen.    | Robin Gregory (2/28/92)




More information about the fedora-selinux-list mailing list