Re: Problem with audit2allow reference policy involving logs


Forrest Taylor wrote:
> Running RHEL5.1 with selinux-policy-strict-2.4.6-106.el5_1.3.
> 
> I am building my own policy for FTP and in creating the xferlog,
> audit2allow -alR gives this macro:
> 
> logging_search_logs(ftpd_t)
> 
> The problem is that this macro generates the following type transition:
> 
>    type_transition ftpd_t var_log_t : file sendmail_log_t;
> 
I think you are wrong here.

interface(`logging_search_logs',`
	gen_require(`
		type var_log_t;
	')

	files_search_var($1)
	allow $1 var_log_t:dir search_dir_perms;
')

> This, of course, is not really what I want, so I dropped the -R option
> to audit2allow and it returns:
> 
> allow ftpd_t var_log_t:dir search;
> 
> With the next iteration, audit2allow -alR shows:
> 
> sendmail_create_log(ftpd_t)
>
I have no idea where this comes from, I guess I would need to see your
log files.

> and audit2allow -la shows:
> 
> allow ftpd_t var_log_t:dir write;
> 
> Someone really liked sendmail_log_t ;o)
> 
> Forrest
> 
> 
> ------------------------------------------------------------------------
> 
> --
> fedora-selinux-list mailing list
> fedora-selinux-list@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list

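Added example, not part of the original message and not the policy project's own tooling: a Python check that expands the `logging_search_logs` interface text quoted in the reply for a given domain and lists the rules it states directly, so a macro suggested by `audit2allow -R` can be inspected for a `type_transition` before it is used. The function names are hypothetical, and nested interface calls such as `files_search_var` are reported but not expanded.

```python
import re

# Interface text as quoted in the message above.
LOGGING_IF = r"""
interface(`logging_search_logs',`
	gen_require(`
		type var_log_t;
	')

	files_search_var($1)
	allow $1 var_log_t:dir search_dir_perms;
')
"""
RULE_KEYWORDS = ("allow", "dontaudit", "auditallow", "type_transition")

def interface_body(source, name):
    """Return the m4 body of interface `name`, or None if it is not defined."""
    start = re.search(r"interface\(`%s',`" % re.escape(name), source)
    if not start:
        return None
    depth, pos = 1, start.end()  # depth counts open m4 quotes (` ... ')
    while pos < len(source) and depth:
        if source[pos] == "`":
            depth += 1
        elif source[pos] == "'":
            depth -= 1
        pos += 1
    return source[start.end():pos - 1]

def expand(source, name, domain):
    """Split the interface body into direct rules and nested interface calls."""
    body = interface_body(re.sub(r"#.*", "", source), name)  # drop comments
    if body is None:
        raise KeyError(name)
    body = re.sub(r"gen_require\(`.*?'\)", "", body, flags=re.S)
    body = body.replace("$1", domain)  # substitute the calling domain
    rules, calls = [], []
    for line in (l.strip() for l in body.splitlines()):
        if line.startswith(RULE_KEYWORDS):
            rules.append(line)
        elif re.match(r"\w+\(", line):
            calls.append(line)  # nested interface call, not expanded here
    return rules, calls

def has_type_transition(rules):
    return any(r.startswith("type_transition") for r in rules)

if __name__ == "__main__":
    print(expand(LOGGING_IF, "logging_search_logs", "ftpd_t"))
```
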
