redhatdude@xxxxxxxxxxxxx wrote:
There's no local.te in my system. I'm running FC5. Also, there is no
such rpm or anything similar in the yum repositories. Yes,
audit2allow gave me the rules to add, two of them indeed. The problem
now is where to add them. Any idea?
Thanks a lot for your help, I really appreciate it.
EJ
I did some googling and it looks like Red Hat/Fedora has changed the way
they package the SELinux ruleset source for FC5. It looks like you need
the source RPM for selinux-policy-targeted instead of how they packaged
things for FC4 and earlier with a separate package called
selinux-policy-targeted-sources. I guess it makes sense to just move
the source to the source RPM instead of having a separate "sources"
package; just confusing for those of us who got used to doing things the
other way.
Here's a link to the source RPM but you should also be able to get it
just using your favorite flavor of yum.
ftp://ftp.pbone.net/mirror/download.fedora.redhat.com/pub/fedora/linux/core/updates/5/SRPMS/selinux-policy-2.2.38-1.fc5.src.rpm
This file contains:
[dave@bend ~/rpm]# rpm -qlp selinux-policy-2.2.38-1.fc5.src.rpm
Makefile.devel
booleans-mls.conf
booleans-strict.conf
booleans-targeted.conf
modules-mls.conf
modules-strict.conf
modules-targeted.conf
policy-20060505.patch
policygentool
selinux-policy.spec
serefpolicy-2.2.38.tgz
setrans-mls.conf
setrans-strict.conf
setrans-targeted.conf
I'm *guessing* you'll need to unpack serefpolicy-2.2.38.tgz in an
appropriate location and then add the local policy rules as I described
earlier. Hopefully, the link from one of the other responses will
provide enough information about how to make a custom policy for FC5
although "policygentool" sounds like a likely suspect.
Sorry about the confusion.
Cheers,
Dave
--
Politics, n. Strife of interests masquerading as a contest of principles.
-- Ambrose Bierce
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
