-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/26/2013 05:13 PM, m.roth@xxxxxxxxx wrote: > m.roth@xxxxxxxxx wrote: >> Daniel J Walsh wrote: >>> On 03/26/2013 03:27 PM, m.roth@xxxxxxxxx wrote: >>>> Daniel J Walsh wrote: >>>>> On 03/26/2013 03:12 PM, m.roth@xxxxxxxxx wrote: >>>>>> Daniel J Walsh wrote: >>>>>>> On 03/26/2013 03:08 PM, m.roth@xxxxxxxxx wrote: >>>>>>>> >>>>>>>> Got a server that's throwing a ton of avc granted, all >>>>>>>> related to Matlab. I saw something via google from '06, for a >>>>>>>> java thing - is there something I can use to shut this up? >>>>>>>> >>>>>>>> CentOS 5.9, current. >>>> <snip> >>>>> One hack to fix this would be to turn the boolean off and then >>>>> write a custom policy module to allow unconfined_t execheap. >>>>> >>>>> policy_module(myunconfined, 1.0) gen_require(` type unconfined_t; >>>>> ') allow unconfined_t self:process execheap; >>>> > What a *pain*. As I said, I'm on CentOS 5.9, and rpm -qa | grep > selinux-policy\* selinux-policy-2.4.6-327.el5 > selinux-policy-targeted-2.4.6-327.el5 > > audit2allow doesn't seem to have a debug switch, and I've tried exactly > what you wrote, as well as the one I posted, and checkmodule chokes on > everything. > > mark > How does it choke? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlFTCeMACgkQrlYvE4MpobMZLACgnz/rNQfR0izn3febBWYEePu0 D18AoJ3EKXETIB27xk8731k2EjCd5rPK =/IyU -----END PGP SIGNATURE----- -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
