Query regarding booleans
Daniel J Walsh
dwalsh at redhat.com
Wed Feb 11 22:56:21 UTC 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Deependra Singh Shekhawat wrote:
> On Thu, Feb 5, 2009 at 11:26 PM, Stephen Smalley <sds at tycho.nsa.gov> wrote:
>
>> On Wed, 2009-02-04 at 21:18 -0800, Deependra Singh Shekhawat wrote:
>>> Greetings,
>>>
>>>
>>>
>>> I have written a selinux policy in fedora which actually have a
>>> boolean declared within the policy and when the boolean is on some
>>> allow rules are written which actually come into picture. But if the
>>> boolean is off the SELinux denial message doesn't suggest the user to
>>> actually switch on the boolean. I have seen in the normal case with
>>> the default booleans this is not the case and the denial actually
>>> suggest the user to switch on the boolean. I believe I need to do
>>> something more then what I am currently doing that's why I am asking
>>> here.
>>>
>>>
>>>
>>> Can you suggest me anything regarding this ?
>> If you feed the denial message to audit2why, does it suggest changing
>> the boolean?
>>
>> --
>> Stephen Smalley
>> National Security Agency
>>
>>
>
> Sorry for a late reply.
>
> Yes it says to look for boolean settings but it doesn't mention any boolean
> name as such.
>
> Thanks
>
>
> ------------------------------------------------------------------------
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
RHEL5?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkmTV5UACgkQrlYvE4MpobPXbwCeIBIJN389Z/FdK4oPf0eOKnNQ
b1UAn0wJWamINs52ndEewDswaw6ZCr7x
=4gsM
-----END PGP SIGNATURE-----
More information about the fedora-selinux-list
mailing list