> On 03/30/2017 01:19 PM, Martin Gansser wrote: > > Hi, > > boomaga SELinux module is not part of selinux-policy package, which > means it's not maintained by Fedora SELinux team. I cloned boomaga repo > and boomaga policy is part of permissivedomains, which means that > boomaga rules won't be enforced by kernel, even if your system is in > enforcing state. If you would like to fix this issue you can create > local module: > > $ cat boomaga_local.cil > (allow boomaga_cups_t boomaga_cups_t(cap_userns (sys_ptrace))) > > # semodule -i boomaga_local.cil > # > > I'll try to contact boomaga maintainer and provide patch for boomaga > SELinux module. > that sounds good. many thanks Martin current rpm spec file with selinux rules. http://pkgs.fedoraproject.org/cgit/rpms/boomaga.git/tree/boomaga.spec _______________________________________________ selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx
