On Wed, 2008-09-17 at 08:10 -0400, Daniel J Walsh wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Murray McAllister wrote: > > Hi, > > > > If I change a lot of booleans, or install a lot of custom policies, is > > there any way to restore selinux policy (targeted) to its default > > configuration? > > > > Thanks. > > > > -- > > fedora-selinux-list mailing list > > fedora-selinux-list@xxxxxxxxxx > > https://www.redhat.com/mailman/listinfo/fedora-selinux-list > Well semanage does have a -D option to remove all local customizations > for the object > > man semanage > .. > > -D, --deleteall > Remove all OBJECTS local customizations > > > > Example: > > semanage ports -D > > Would remove all port changes. > > There is no way to do this with modules currently. > > You could look at the modules in /usr/share/selinux/targeted/*.pp > and compare them to semodule -l to see any modules that were different > and use semodule -r MODNAME to remove them. Gross horrible dangerous hack, be VERY careful, might eat your first born, kidnap your grandmother, and blow your house down... rpm -e --nodeps --justdb selinux-policy-targeted rm -rf /etc/selinux/targeted yum install selinux-policy-targeted touch /.autorelabel reboot yes? no? -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
