generating rules in permissive mode?
sai ganesh
ganesai at fedoraproject.org
Tue Jan 5 14:03:28 UTC 2010
hi,
i have a query
if i want to start a completely custom made service .i have defined all the
transitions and types.now i need only the allow rules.
what is the difference between (going to permissive mode and checking the
logs to generate the entire set of policy's allow rules ) and ( generating
the allow rules one by one after updating the policy again and again in the
enforcing mode ).i find it easier to generate the entire set of allow rules
switching to permissive mode.is there any chance that i may miss a rule if i
switch to permissive mode and generate the rules from the logs or say i give
extra permissions ?
which is the preffered method?.
--
s.saiganesh
“The Linux philosophy is 'Laugh in the face of danger'. Oops. Wrong One. 'Do
it yourself'. Yes, that's it
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20100105/9a400a88/attachment.htm>
More information about the fedora-selinux-list
mailing list