On Wed, 2009-05-13 at 20:41 +0900, Shintaro Fujiwara wrote: > Well, I've been writing a policy to add user from certain domain. > > I wrote a policy including these interfaces, > > auth_domtrans_chk_passwd(segatex_t) > auth_manage_shadow(segatex_t) > auth_rw_shadow(segatex_t) > files_manage_etc_files(segatex_t) > > and still I can't add user from certain domain and when I look into > log, I have two denied messages, > > etc_t file create > shadow_t file create > > So I wrote exactly same thing to allow create these but sill I can't > add user nor delete user. > > I feel numb. What does audit2why report when you feed it these avc denial messages? -- Stephen Smalley National Security Agency -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
