Selfmade policy not getting enforced on Fedora9
stefan.schleifer at gmail.com
Wed May 28 20:03:33 UTC 2008
On May 28, 2008, at 9:23 PM, Stefan Schleifer wrote:
> You folks rock, thx a bunch. I forget the transition rule. As
> suggested, I added:
> domain_auto_trans(unconfined_t, demo_exec_t, demo_t);
> and now the app runs as demo_t:
> [stefan at localhost policy]$ ps -efZ | grep demo
> unconfined_u:unconfined_r:demo_t:s0-s0:c0.c1023 root 2856 2510 0
> 20:56 pts/2 00:00:00 /usr/local/bin/demo
After running semodule -DB & semodule -B (as suggested by Daniel), I
got a few messages in /var/log/audit/audit.log and managed to modify
the policy in a way it works now.
Closing, many many thanks to your quick and, of course, very helpful
Thx a lot!
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 186 bytes
Desc: This is a digitally signed message part
More information about the fedora-selinux-list