On Fri, 2013-04-26 at 08:16 -0400, mark wrote: > On 04/26/13 08:08, Dominick Grift wrote: > > On Fri, 2013-04-26 at 07:59 -0400, mark wrote: > > > >> I have the same problem... but rather than do that, is there a way to > >> extract *just* the passenger module, so I can edit the paths, and > >> reinstall it? > > > > Why do you need to edit the existing paths? Do they conflict or harm? > > Can you not just add new paths using semanage or a separate policy > > module? > > You can add new paths? How? I've never noticed that in the man pages, or > examples.... Example: Lets say i want to add a new path for /mywebsite: mkdir ~/mywebsite; cd ~/mywebsite cat > mywebsite.te << EOF policy_module(mywebsite, 1.0.0) optional_policy(` gen_require (` type httpd_sys_content_t; ') ') EOF cat > mywebsite.fc << EOF /mywebsite(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0) EOF make -f /usr/share/selinux/devel/Makefile mywebsite.pp sudo semodule -i mywebsite.pp restorecon -R -v -F /mywebsite > > mark > > > > If you cannot do that. Then you can disable the existing passenger > > policy module with semodule -d passenger. > > > > Then get the passenger source policy module from fedora CVS, edit, > > rename that and build install that > > > > semodule -i passenger-revisited.pp > > > >> mark > >> -- > >> selinux mailing list > >> selinux@xxxxxxxxxxxxxxxxxxxxxxx > >> https://admin.fedoraproject.org/mailman/listinfo/selinux > > > > > > > > -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
