Ivan Gyurdiev wrote:
Bad name in the installed file. It used to be disable_games. We might want to add aHow come it's disable_games in strict/booleans, but disable_games_trans in the
policy?
disable_games_trans is correct, the file's probably out of date.
How come some of those booleans are set to 0 by default - doesn't that match the selinux policy? Is the booleans file supposed to
override the src defaults? If so, shouldn't there be only 1s in that
file (since the src defaults are all 0)?
Also, the securitylevel app marks things "Changed" every time I toggle them. It seems like it would be better if it marked thigs back to "Unchanged" when I toggled them back, to prevent it from writing out every random thing I toggle into booleans.local, whether or not I change it back to where it was.
Also, my old booleans file went to booleans.rpmsave. Does that mean that my booleans will be reset upon reboot? If so, should the %post script do something about that to address upgrade path from FC3->FC4?
boolean back in to prevent users from running games at all. But we would need to remove
exec_type from the attribute.
Dan
--
