This works!!! BTW, there was a typo. The command should be: make enableaudit I really appreciate your help. Hung Truong | Trident Systems Incorporated Sr. Embedded Engineer, Software System Engineering Group 10201 Fairfax Boulevard | Suite 300 | Fairfax, VA 22030 d: 703.267.6746 | f: 703.273.6608 e: hung.truong@xxxxxxxxxxx | www.tridsys.com Notice: The information contained in this email message is considered confidential and proprietary to the sender and is intended solely for review and use by the named recipient. Any unauthorized review, use or distribution is strictly prohibited. If you have received this message in error, please advise the sender by reply email and delete the message. -----Original Message----- From: Daniel J Walsh [mailto:dwalsh@xxxxxxxxxx] Sent: Tuesday, January 22, 2013 10:23 AM To: Hung Truong Subject: Re: Turn off "dontaudit" rules in monolithic policy -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/22/2013 10:14 AM, Hung Truong wrote: > Could you tell me how to compile a policy without dontaudit rules? > Thanks. > make enabelaudit I believe. > > Hung Truong | Trident Systems Incorporated Sr. Embedded Engineer, > Software System Engineering Group 10201 Fairfax Boulevard | Suite 300 > | Fairfax, VA > 22030 d: 703.267.6746 | f: 703.273.6608 e: hung.truong@xxxxxxxxxxx | > www.tridsys.com > > > > Notice: The information contained in this email message is considered > confidential and proprietary to the sender and is intended solely for > review and use by the named recipient. Any unauthorized review, use > or distribution is strictly prohibited. If you have received this > message in error, please advise the sender by reply email and delete the > message. > > > -----Original Message----- From: Daniel J Walsh > [mailto:dwalsh@xxxxxxxxxx] > Sent: Tuesday, January 22, 2013 10:11 AM To: Hung Truong Cc: Vu, > Joseph; SELinux Subject: Re: Turn off "dontaudit" rules in monolithic > policy > > > > On 01/22/2013 09:31 AM, Hung Truong wrote: >> I am using version 3.7.19-155el6.6. > > > >> *From:*Vu, Joseph [mailto:joseph.vu@xxxxxxxxxx >> <mailto:joseph.vu@xxxxxxxxxx>] *Sent:* Tuesday, January 22, 2013 9:19 >> AM >> *To:* Hung Truong; SELinux *Subject:* RE: Turn off "dontaudit" rules >> in monolithic policy > > > >> Hung, > > > >> I have been trying to rebuild monolithic policy and was not able to. > >> What version of SELinux Policy and RHT are you using? > > > >> --------------------------------------------------------------------- >> - >> ---------- > >> *From:*owner-selinux@xxxxxxxxxxxxx >> <mailto:owner-selinux@xxxxxxxxxxxxx> >> [mailto:owner-selinux@xxxxxxxxxxxxx] *On Behalf Of *Hung Truong >> *Sent:* Monday, January 21, 2013 11:25 AM *To:* SELinux *Subject:* >> Turn off "dontaudit" rules in monolithic policy > > > >> I have a custom monolithic build based on RHEL6 policy. I get this >> error when try to turn off dontaudit rules: > >> $ semodule -DB > > >> libsemanage.semanage_link_sandbox: Could not access sandbox base file >> /etc/selinux/targeted/modules/bmp/base.pp. (No such file or >> directory) > >> Is there other way to turn off dontaudit rules in a monilithic policy? > > > >> Many thanks, > >> --Hung Truong > > Why not compile two policies one with and one without dontaudit rules? > > -- This message was distributed to subscribers of the selinux mailing > list. If you no longer wish to subscribe, send mail to > majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without > quotes as the message. > > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlD+ruEACgkQrlYvE4MpobPNkACggndNE6JYVYFJIWRJ4UAjHEIw WnQAn1iAHwPv3UtoiTt3MOSYOgnLtGOv =/+7i -----END PGP SIGNATURE----- -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
