On Monday 22 January 2007 19:40, Stephen Smalley wrote:
> > type=AVC msg=audit(1162463326.809:49): avc: denied { search } for
> > pid=4186 comm="postmap" name="nscd" dev=hdb1 ino=195773
> > scontext=user_u:system_r:postfix_map_t:s0
> > tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir
> > type=SYSCALL msg=audit(1162463326.809:49): arch=40000003 syscall=102
> > success=no exit=-2 a0=3 a1=bf915688 a2=67eff4 a3=4 items=0 ppid=4147
> > pid=4186 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
> > tty=pts5 comm="postmap" exe="/usr/sbin/postmap"
> > subj=user_u:system_r:postfix_map_t:s0 key=(null)
>
> Yes, that shows the security contexts of the source (process) and the
> target (in this case, a directory). audit2allow will turn those
> messages into allow rules, e.g.
> su -
> audit2allow -a -M local
> semodule -i local.pp
>
After reading the man pages I find that I'm no wiser as to what this is doing.
I understand the first and last lines, but could you explain how you build
the audit2allow line, and what it actually does?
Thanks
Anne
Attachment:
pgpEQ8vUngeFA.pgp
Description: PGP signature
-- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
