-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Deependra Singh Shekhawat wrote: > Sorry, > > My gmail is not configured properly and by default it is sending reply > to you and not the list. > > Yes I am using RHEL 5 update 2. > > Thanks > > Daniel J Walsh wrote: >> Deependra Singh Shekhawat wrote: >>> On Thu, Feb 5, 2009 at 11:26 PM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote: >>>> On Wed, 2009-02-04 at 21:18 -0800, Deependra Singh Shekhawat wrote: >>>>> Greetings, >>>>> >>>>> >>>>> >>>>> I have written a selinux policy in fedora which actually have a >>>>> boolean declared within the policy and when the boolean is on some >>>>> allow rules are written which actually come into picture. But if the >>>>> boolean is off the SELinux denial message doesn't suggest the user to >>>>> actually switch on the boolean. I have seen in the normal case with >>>>> the default booleans this is not the case and the denial actually >>>>> suggest the user to switch on the boolean. I believe I need to do >>>>> something more then what I am currently doing that's why I am asking >>>>> here. >>>>> >>>>> >>>>> >>>>> Can you suggest me anything regarding this ? >>>> If you feed the denial message to audit2why, does it suggest changing >>>> the boolean? >>>> >>>> -- >>>> Stephen Smalley >>>> National Security Agency >>>> >>>> >>> Sorry for a late reply. >>> Yes it says to look for boolean settings but it doesn't mention any boolean >>> name as such. >>> Thanks > >>> ------------------------------------------------------------------------ >>> -- >>> fedora-selinux-list mailing list >>> fedora-selinux-list@xxxxxxxxxx >>> https://www.redhat.com/mailman/listinfo/fedora-selinux-list >> RHEL5? > - -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list RHEL5 audit2allow/audit2why was not as smart as F9/F10 where it can find a boolean that can satisfy an avc message -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkmUKccACgkQrlYvE4MpobNETQCcDZH5J33qfZQVqIqZNVKMA+Y3 RzkAoJKdQEKjEAdPZI5AqdZZvkJc17yv =7rFH -----END PGP SIGNATURE----- -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
