On Tue, 2006-04-11 at 08:05 -0400, Stephen Smalley wrote: > On Mon, 2006-04-10 at 10:01 -0700, Dan Thurman wrote: > > I su as root initially and in my /root directory > > and created the "foo" there. You did not state > > where to create "foo" so if I did this in the > > wrong place, please let me know. > > Re-added the list to the cc line above. > > It doesn't matter where you create it - it is just a temporary working > directory. > > > I downloaded the > > checkmodule and installed it earlier so it appears > > that this time everything works, except that in the > > tmp file created, I did not get the same files as > > you may have. Here is the log of actions: > > > > [dant@copper ~]$ su - > > Password: > > [root@copper ~]# mkdir foo > > [root@copper ~]# cd foo > > [root@copper foo]# vi local.te > > [root@copper foo]# touch local.if local.fc > > [root@copper foo]# make -f /usr/share/selinux/devel/Makefile > > Compliling targeted local module > > /usr/bin/checkmodule: loading policy configuration from tmp/local.tmp > > /usr/bin/checkmodule: policy configuration loaded > > /usr/bin/checkmodule: writing binary representation (version 5) to > > tmp/local.mod > > Creating targeted local.pp policy package > > rm tmp/local.mod.fc tmp/local.mod > > [root@copper foo]# ls > > local.fc local.if local.pp local.te tmp > > [root@copper foo]# ls tmp > > all_interfaces.conf local.mod.role local.tmp > > [root@copper foo]# > > Looks correct to me, and matches what was in my original message. So > now you finish the sequence of instructions I provided originally, i.e. > # semodule -i local.pp > > Then retry accessing /var/www content from samba, and if it still > doesn't work, check your /var/log/messages file for avc: denied > messages. > Ok, I thought the file local.pp was to exist somewhere which I did not find anywhere. That was my confusion. OK I issued: semodule -i local.pp and it completed. I went to a windows system and I am now able to view /var/www contents. I am also able to create and delete files and directories. All is now working well!. If there is anything else, please let me know. Kind regards, Dan -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
