On Tuesday 23 January 2007 19:58, Stephen Smalley wrote: > audit2allow is just a filter that reads avc messages and emits policy > rules that would allow them. The -a option tells it to check > both /var/log/messages and the audit logs for avc messages (using > ausearch for processing the audit logs). The -M local option tells it > to generate a loadable policy module named "local". Upon completion, > you should have the following files in the current directory: > 1) local.te - the policy source generated by audit2allow based on the > avc messages, > 2) local.mod - binary representation of the same, created by > checkmodule, > 3) local.pp - policy package file, containing local.mod and optionally > other policy components (but not in this case), created by > semodule_package. > > The last file is then loadable via semodule -i. > When semodule -i completes, your policy has been updated and loaded into > the kernel. All done, and those three files are in /root. Is that the correct place for them? If I have understood you correctly, by doing that I have told it to 'approve' the making of rules to deal with all the denials found there. At the moment I don't think there is anything dangerous in the log, but I presume that there are times when you would not want everything added. What happens about those situations? Anne
Attachment:
pgpzagQ8KU4y4.pgp
Description: PGP signature
-- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
