On Fri, 2008-04-25 at 12:22 -0500, Kim Lawson-Jenkins wrote: > Hi, > > > > Can someone point me to some text on the Web that explains > sepolgen-ifgen? When running audit2allow I received an error “could > not open interface info” and I found a post stating that using > sepolgen-ifgen might help solve this particular problem, but then I > couldn’t find details about how to use sepolgen-ifgen. You just run it when updating the policy headers (from selinux-policy-devel) and it regenerates the interface info in /var/lib/sepolgen. That info is then used by audit2allow (if passed -R) to try to match the audit messages against the interfaces so that it can generate calls to interfaces rather than just raw allow rules. -- Stephen Smalley National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
