On 09/20/2015 09:20 AM, Gmail wrote: > Hi, > > > > I need to understand how can i remove net_raw capability from > unconfined_t domain, someone can help me? > > I need the source policy? Or can i remove another way? The systems are > RHEL 6 and RHEL 7. Yes, you would need to download the policy sources, modify the unconfined policy module, rebuild it, and install your modified version. It may be easier to instead define a new domain of your own that is allowed everything but net_raw. _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
