On Fri, 2005-06-03 at 10:16 -0700, Florin Andrei wrote: > On Fri, 2005-06-03 at 17:46 +1000, Russell Coker wrote: > > On Friday 03 June 2005 17:27, Florin Andrei <florin@xxxxxxxxxxxxxxx> wrote: > > > I'd imagine that by exercising the daemon in all ways possible, and > > > keeping an eye on syslog at the same time, I should be able to figure > > > out what needs to be permitted in the policy, right? > > > > Correct. > > <sigh> I wish there was a concrete example somewhere on how to do that. > It's not like SELinux doesn't have any docs at all but... So many things > to do, so little time... You might have seen this, or not: http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/selinux-guide/selg-chapter-0071.html It's very generic and high-level. I'm very interested in real world experiences trying to use those how-to instructions. Other methodologies and experiences are also interesting. You can file a bugzilla report[1] with any details you want to share. This is an area of the SELinux Guide that people are asking for improvement on, and it would be nice to have more concrete details to work from. - Karsten [1] Follow the directions here: http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/selinux-guide/s1-intro-more-to-come.html -- Karsten Wade, RHCE * Sr. Tech Writer * http://people.redhat.com/kwade/ gpg fingerprint: 2680 DBFD D968 3141 0115 5F1B D992 0E06 AD0E 0C41 Red Hat SELinux Guide http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/selinux-guide/
Attachment:
signature.asc
Description: This is a digitally signed message part
-- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-selinux-list
