selinux / semodule question

Brian Millett bmillett at gmail.com
Tue Mar 14 20:28:00 UTC 2006


I've been trying to understand selinux on my laptop.
I'm running rawhide.  I have SELINUX=enforcing and SELINUXTYPE=targeted.
I've had a few audit messages when I try to use NetworkManager & a vpn
connection.
To debug it, I ran audit2why and saw that all of the denied where from a
missing or disabled
TE.
I have ran (I'm sure there are other ways)

audit2why < /var/log/audit/audit.log | audit2allow -M local

and then ran semodule -i local.pp

It seem to have loaded the local.pp.

Do I need to put the "semodule -i local.pp" in a rc.local for each boot?  Or
is it automagic?

Thanks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-test-list/attachments/20060314/c2cb9a3c/attachment.htm>


More information about the fedora-test-list mailing list