On Wed, 2007-02-07 at 19:07 +0100, selinux@xxxxxxxxxx wrote: > hi, > > i'm new to selinux and i need to know how can i easy modify > a selinux targeted policy rule in fc6. > > my apache can't write in a /var subdir. > > my idea is to start looking in to logs and then edit the > policy (or the files attributes) to avoid problems. audit2allow will automatically turn audit logs into allow rules, but you shouldn't blindly take its results. In your particular case, if you labeled the files in that /var subdirectory with an appropriate type, then apache would be able to write to it. > is there an easy tool for editing policy source? > > is there a complete how to (for fc6 targeted selinux)? Read the Fedora SELinux FAQ and the Fedora SELinux wiki pages. -- Stephen Smalley National Security Agency -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list