policy for mgetty fax receive and new_fax

[Klaus Lichtenwalder]

Dominick,

Am Dienstag, den 29.12.2009, 13:02 +0100 schrieb Dominick Grift:

> Whoops i forgot some policy:

Ok, I was already wondering whether that could be it, trying to
understand :-)

> 
> echo "policy_module(mygetty, 1.0.0)" > mygetty.te;
> echo "optional_policy(\`" >> mygetty.te;
> echo "gen_require(\`" >> mygetty.te;
> echo "type getty_t;" >> mygetty.te;
> echo "')" >> mygetty.te;
> echo "corecmd_exec_bin(getty_t)" >> mygetty.te;
> echo "corecmd_exec_shell(getty_t)" >> mygetty.te;
> echo "kernel_read_system_state(getty_t)" >> mygetty.te;
> echo "')" >> mygetty.te;
> 
> make -f /usr/share/selinux/devel/Makefile mygetty.pp
> sudo semodule -i mygetty.pp
> 
> As for system_mail_t:
> 
> echo "policy_module(mymail, 1.0.0)" > mymail.te;
> echo "optional_policy(\`" >> mymail.te;
> echo "gen_require(\`" >> mymail.te;
> echo "type system_mail_t;" >> mymail.te;
> echo "')" >> mymail.te;
> echo "term_use_unallocated_ttys(system_mail_t)" >> mymail.te;
> echo "')" >> mymail.te;
> 
> make -f /usr/share/selinux/devel/Makefile mymail.pp
> sudo semodule -i mymail.pp
> 
> That should help. 


This helps a lot, as fax receiving (and notifying) works without AVC
denials showing up. No I'm off trying to understand everything. With all
those makros, one get's a lot done with little code :-)

Thanks again
Klaus
-- 
------------------------------------------------------------------------ 
 Klaus Lichtenwalder, Dipl. Inform.,  http://lklaus.homelinux.org/Klaus/
 PGP Key fingerprint: A5C0 F73A 2C83 96EE 766B  9C62 DB6D 1258 0E9B B6D1

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20091229/fff2437c/attachment.sig>