-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 04/18/2010 11:11 PM, Paul Ward wrote: > Hi Daniel, > > > Thanks for your reply, looks like that may be what I need. :) > > I assume again this wont upset teh running of the machine when this is > performed? > > Also is theis change persisteant after reboots? > > Is there a way for making a new policy to allow the required actions > instead of removing the dontaudit all together? > > many thanks > Yes, You can add the new rules using audit2allow grep AVC /var/log/audit/audit.log | audit2allow -M mypol semodule -i mypol.pp Will add the rules. semodule -B Will turn back on the dontaudit rules. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkvMVQoACgkQrlYvE4MpobN9NACgxwTvJecRQ/CM3PLcgiGyKcy3 lyAAmwYrCloBFwXTqvI8rOYJo/ZqE8v9 =fkD9 -----END PGP SIGNATURE----- -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
