Re: an easy way to edit security policies in fc6

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2007-02-07 at 19:07 +0100, selinux@xxxxxxxxxx wrote:
> hi,
> 
> i'm new to selinux and i need to know how can i easy modify
> a selinux targeted policy rule in fc6.
> 
> my apache can't write in a /var subdir.
> 
> my idea is to start looking in to logs and then edit the
> policy (or the files attributes) to avoid problems.

audit2allow will automatically turn audit logs into allow rules, but you
shouldn't blindly take its results.  In your particular case, if you
labeled the files in that /var subdirectory with an appropriate type,
then apache would be able to write to it.

> is there an easy tool for editing policy source?
> 
> is there a complete how to (for fc6 targeted selinux)?

Read the Fedora SELinux FAQ and the Fedora SELinux wiki pages.

-- 
Stephen Smalley
National Security Agency

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux