On Thu, 2004-08-05 at 00:31 +0430, Sajed Miremadi wrote: > Hi, > > I have asked this question several times before but haven't got the answer > I really want. > I'll ask it again but more clearly: > Does anybody ever write a new policy file except those which is defult in > selinux(I mean those in /etc/security/selinux/src/policy/domains/program). Yes, of course. > When I say a policy file I mean the files with ".te". For example there > are some for "ping","innd","tcpdump" and ... . > If someone has a .te file with this condition, I would be very glad if > he/she could send me that. Every time someone posts a new .te file to selinux@xxxxxxxxxxxxx, like Russell's postgrey policy, they are in that condition. I think the problem you are running into is that you need a .fc file corresponding to each .te file in order for the .te file to be enabled. For example, if you create domains/program/myprogram.te, you need to also create file_contexts/program/myprogram.fc.
Attachment:
signature.asc
Description: This is a digitally signed message part
