-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Deependra Singh Shekhawat wrote: > Greetings, > > I have written a selinux policy in fedora which actually have a boolean > declared within the policy and when the boolean is on some allow rules are > written which actually come into picture. But if the boolean is off the > SELinux denial message doesn't suggest the user to actually switch on the > boolean. I have seen in the normal case with the default booleans this is > not the case and the denial actually suggest the user to switch on the > boolean. I believe I need to do something more then what I am currently > doing that's why I am asking here. > > Can you suggest me anything regarding this ? > > Warm Regards > Deependra Singh Shekhawat > > > > ------------------------------------------------------------------------ > > -- > fedora-selinux-list mailing list > fedora-selinux-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/fedora-selinux-list Are you talking about setroubleshoot not suggesting the correct solution? What is setroubleshoot suggesting? Also as Steven Says if you run audit2allow -w -a on the avc's does it suggest the boolean? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkmRjg8ACgkQrlYvE4MpobMZIgCggAW+jaapkepwB0mawtKevh6j 2UEAniwTDSHzegmoguH60B5j+yC6ng5I =30zQ -----END PGP SIGNATURE----- -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
