To correct error messages appearing in the audit.log, I ran the
procedure described in the audit2allow manual page.
Here is the .te file:

module local 1.0;

require {
        class dir search;
        class fd use;
        class fifo_file write;
        class file { read write };
        class netlink_route_socket create;
        class unix_stream_socket { read write };
        type apmd_log_t;
        type cupsd_config_t;
        type cupsd_t;
        type dovecot_auth_t;
        type dovecot_t;
        type etc_mail_t;
        type etc_runtime_t;
        type hald_t;
        type home_root_t;
        type hostname_t;
        type restorecon_t;
        type semanage_t;
        type unconfined_t;
        type user_home_dir_t;
        type usr_t;
        type xdm_t;
        role system_r;
};

allow cupsd_config_t apmd_log_t:file { read write };
allow cupsd_t apmd_log_t:file { read write };
allow dovecot_auth_t self:netlink_route_socket create;
allow dovecot_t etc_runtime_t:file read;
allow dovecot_t unconfined_t:fifo_file write;
allow dovecot_t xdm_t:fd use;
allow hald_t home_root_t:dir search;
allow hostname_t etc_mail_t:file read;
allow hostname_t unconfined_t:fifo_file write;
allow hostname_t usr_t:file read;
allow hostname_t xdm_t:fd use;
allow restorecon_t xdm_t:fd use;
allow semanage_t unconfined_t:unix_stream_socket { read write };
allow semanage_t user_home_dir_t:dir search;

When I try to load the module using "semodule -i local.pp"
I get:

libsepol.module_package_read_offsets: wrong magic number for module package: expected 4185718671, got 4185718669
libsemanage.semanage_load_module: Error while reading from module file /etc/selinux/targeted/modules/tmp/modules/toto.mod.

"/etc/selinux/targeted/modules/tmp" does not exist.
Module local is in "/etc/selinux/targeted/modules/active/modules".
I run a Fedora Core 5 x86_64, strictly up to date (policy: targeted)
(kernel-2.6.17-1.2187_FC5).
policycoreutils-1.30.10-2.fc5
Thanks for the hints.
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
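
Added example, not part of the original post: the two numbers in the libsepol error are file-type magics, 4185718671 (0xf97cff8f) for a module package as written by semodule_package and 4185718669 (0xf97cff8d) for a bare policy module as written by checkmodule. The Python sketch below reads the first four bytes of a file and reports which kind it is; the function names and the sample files are constructed for illustration.

```python
import os
import struct
import sys
import tempfile

# libsepol magic numbers, stored as a 32-bit little-endian word at offset 0.
MAGICS = {
    0xF97CFF8C: "kernel binary policy",
    0xF97CFF8D: "bare policy module (checkmodule output, usually .mod)",
    0xF97CFF8F: "module package (semodule_package output, usually .pp)",
}
PACKAGE_MAGIC = 0xF97CFF8F  # 4185718671, the value "semodule -i" expects


def read_magic(path):
    """Return the leading 32-bit little-endian word of the file."""
    with open(path, "rb") as fh:
        head = fh.read(4)
    if len(head) < 4:
        raise ValueError("%s: shorter than 4 bytes, not a policy file" % path)
    return struct.unpack("<I", head)[0]


def classify(path):
    """Return (magic, description) for a policy-related file."""
    magic = read_magic(path)
    return magic, MAGICS.get(magic, "unknown file type")


def installable(path):
    """True only if the file starts with the module package magic."""
    try:
        return read_magic(path) == PACKAGE_MAGIC
    except ValueError:
        return False


def make_sample(data):
    """Write constructed sample bytes to a temp file and return its path."""
    fd, path = tempfile.mkstemp(suffix=".sample")
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return path


if __name__ == "__main__":
    for name in sys.argv[1:]:
        magic, kind = classify(name)
        print("%s: magic %d (0x%08x): %s" % (name, magic, magic, kind))
```

Run against local.pp and local.mod, it shows whether the file handed to semodule is a package or a bare module.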