On Mon, 2006-04-10 at 10:01 -0700, Dan Thurman wrote: > I su as root initially and in my /root directory > and created the "foo" there. You did not state > where to create "foo" so if I did this in the > wrong place, please let me know. Re-added the list to the cc line above. It doesn't matter where you create it - it is just a temporary working directory. > I downloaded the > checkmodule and installed it earlier so it appears > that this time everything works, except that in the > tmp file created, I did not get the same files as > you may have. Here is the log of actions: > > [dant@copper ~]$ su - > Password: > [root@copper ~]# mkdir foo > [root@copper ~]# cd foo > [root@copper foo]# vi local.te > [root@copper foo]# touch local.if local.fc > [root@copper foo]# make -f /usr/share/selinux/devel/Makefile > Compliling targeted local module > /usr/bin/checkmodule: loading policy configuration from tmp/local.tmp > /usr/bin/checkmodule: policy configuration loaded > /usr/bin/checkmodule: writing binary representation (version 5) to > tmp/local.mod > Creating targeted local.pp policy package > rm tmp/local.mod.fc tmp/local.mod > [root@copper foo]# ls > local.fc local.if local.pp local.te tmp > [root@copper foo]# ls tmp > all_interfaces.conf local.mod.role local.tmp > [root@copper foo]# Looks correct to me, and matches what was in my original message. So now you finish the sequence of instructions I provided originally, i.e. # semodule -i local.pp Then retry accessing /var/www content from samba, and if it still doesn't work, check your /var/log/messages file for avc: denied messages. -- Stephen Smalley National Security Agency -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
