[redhat-lspp] Just noticed a problem with semanage/semodule and SELinux policy
Daniel J Walsh
dwalsh at redhat.com
Wed Jan 24 21:37:24 UTC 2007
Currently you can run semanage/semodule at SystemLow and they end up
creating files in /etc/selinux/mls/seusers and
/etc/selinux/mls/policy/policy.21 at SystemLow.
The system defaults say they should be at SystemHigh. I am not sure why
they are specified at SystemHigh, but we either need to change the
specification or lots of other files need to be moved to system high and
perhaps only allow semanage to run at SystemHigh.
Running semanage at SystemHigh, ends up creating a bunch of files at
SystemHigh that should be SystemLow, also. So no easy fix.
More information about the redhat-lspp
mailing list