I've trying to get SELinux strict up and running on a RHEL4-U4 box and not having much luck. I have one account and 3 programs that I need to protect from root. I was unable to get targeted to login under the user that I created, something about the policy always defaulting to user_u. So Fine, I tried to install the strict/ref policy from the tresys and cips. Dues to this being an x86_64 system, that didn't go well either. Trying plan C I went with the FC3 strict policy. Obviously some improvemtns have been made since then, but this was the first strict policy I was able to install without completely hosing my system. sshd and login seem to really like having libselinux(64) around. So my question here has to possible answers: 1) where the heck can I find some rpms for RHEl4 -x86_64 and the most recent ref policy. --OR-- 2) what could possibly be causing no [avc denied] messages to be logged. Most of the messages I have used with audit2allow to to try and get everything to work. Finally I go to the point of having no more messages even when rebooting the machine. If I put things into passive mode still no more messages, this is with constant reloading of the policy to clear the avc cache. help please. "A fractal is by definition a set for which the Hausdorff Besicovitch dimension strictly exceeds the topological dimension." -- Mandelbrot, "The Fractal Geometry of Nature"
Attachment:
signature.asc
Description: This is a digitally signed message part
