selinux / semodule question
Gordon Stewart
gorste at tesco.net
Wed Mar 15 10:11:40 UTC 2006
Hi
Selinux/ semodule has broken my kernel as now all I am getting now is run out of input data.
Looking at the email below I need to run semodule -r. Can some tell me where this is located. I am runing my box in rescue mode.
Thanks
Gordon
>
> From: Daniel J Walsh <dwalsh at redhat.com>
> Date: 2006/03/14 Tue PM 09:16:35 GMT
> To: For testers of Fedora Core development releases <fedora-test-list at redhat.com>
> Subject: Re: selinux / semodule question
>
> Brian Millett wrote:
> > I've been trying to understand selinux on my laptop.
> > I'm running rawhide. I have SELINUX=enforcing and SELINUXTYPE=targeted.
> > I've had a few audit messages when I try to use NetworkManager & a vpn
> > connection.
> > To debug it, I ran audit2why and saw that all of the denied where from
> > a missing or disabled
> > TE.
> > I have ran (I'm sure there are other ways)
> >
> > audit2why < /var/log/audit/audit.log | audit2allow -M local
> >
> > and then ran semodule -i local.pp
> >
> > It seem to have loaded the local.pp.
> >
> > Do I need to put the "semodule -i local.pp" in a rc.local for each
> > boot? Or is it automagic?
> >
> > Thanks.
> No once you do a semodule -i, it permanently modifies the policy on
> disk. the pp file is no longer required, unless you want to install it
> on other machines or if you remove the policy later using semodule -r.
>
>
> --
> fedora-test-list mailing list
> fedora-test-list at redhat.com
> To unsubscribe:
> https://www.redhat.com/mailman/listinfo/fedora-test-list
>
More information about the fedora-test-list
mailing list