On Fri, 2008-08-29 at 20:13 +0530, shaunak saha wrote:
> >Hmmm...ok, can you also show the tmp/dbus_exe.tmp file that was
> >generated from your .te file during the build?
>
> Attached is the dbus_exe.tmp file
>
> >You add the definitions to the policy/flask files and rebuild the
> entire
> >refpolicy.
>
> I did that i guess.I added this
>
> class gconf
> {
> set_value
> set_scheme
> unset_value
> remove_dir
> }
>
> in /etc/selinux/refpolicy/src/policy/policy/flask/access_vectors file
>
> and
>
> class gconf
>
> in /etc/selinux/refpolicy/src/policy/policy/flask/security_classes
> file
> and then did a
>
> make load
> from /etc/selinux/refpolicy/src/policy directory.
>
> Is this the right thing?or i m missing something?
And did you then set SELINUXTYPE=refpolicy in /etc/selinux/config,
touch /.autorelabel and reboot the system to bring it up under your
newly built policy rather than the targeted one?
Or alternatively when you ran semodule, did you specify -s refpolicy to
cause it act on refpolicy rather than the default targeted policy?
--
Stephen Smalley
National Security Agency
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
