Could you tell me how to compile a policy without dontaudit rules? Thanks. Hung Truong | Trident Systems Incorporated Sr. Embedded Engineer, Software System Engineering Group 10201 Fairfax Boulevard | Suite 300 | Fairfax, VA 22030 d: 703.267.6746 | f: 703.273.6608 e: hung.truong@xxxxxxxxxxx | www.tridsys.com Notice: The information contained in this email message is considered confidential and proprietary to the sender and is intended solely for review and use by the named recipient. Any unauthorized review, use or distribution is strictly prohibited. If you have received this message in error, please advise the sender by reply email and delete the message. -----Original Message----- From: Daniel J Walsh [mailto:dwalsh@xxxxxxxxxx] Sent: Tuesday, January 22, 2013 10:11 AM To: Hung Truong Cc: Vu, Joseph; SELinux Subject: Re: Turn off "dontaudit" rules in monolithic policy -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/22/2013 09:31 AM, Hung Truong wrote: > I am using version 3.7.19-155el6.6. > > > > *From:*Vu, Joseph [mailto:joseph.vu@xxxxxxxxxx > <mailto:joseph.vu@xxxxxxxxxx>] *Sent:* Tuesday, January 22, 2013 9:19 > AM > *To:* Hung Truong; SELinux *Subject:* RE: Turn off "dontaudit" rules > in monolithic policy > > > > Hung, > > > > I have been trying to rebuild monolithic policy and was not able to. > > What version of SELinux Policy and RHT are you using? > > > > ---------------------------------------------------------------------- > ---------- > > *From:*owner-selinux@xxxxxxxxxxxxx > <mailto:owner-selinux@xxxxxxxxxxxxx> > [mailto:owner-selinux@xxxxxxxxxxxxx] *On Behalf Of *Hung Truong > *Sent:* Monday, January 21, 2013 11:25 AM *To:* SELinux *Subject:* > Turn off "dontaudit" rules in monolithic policy > > > > I have a custom monolithic build based on RHEL6 policy. I get this > error when try to turn off dontaudit rules: > > $ semodule -DB > > > libsemanage.semanage_link_sandbox: Could not access sandbox base file > /etc/selinux/targeted/modules/bmp/base.pp. (No such file or directory) > > Is there other way to turn off dontaudit rules in a monilithic policy? > > > > Many thanks, > > --Hung Truong > Why not compile two policies one with and one without dontaudit rules? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlD+rAEACgkQrlYvE4MpobMNDgCfaLNiljkPI6ilm65DgUSBCHmP W10An1cOKmfs7qCG8xEKaEwjVguLMLZU =MkCV -----END PGP SIGNATURE----- -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
