In-Reply-To: : <44457936.4090207 at emmanuelcomputerconsulting.com>
On Tue, 18 Apr 2006 19:41:42 -0400,
William Warren <hescominsoon at emmanuelcomputerconsulting.com> wrote:
> I installed SeLinux in warn mode. HOw do i check to see what it
> is wanring about? This wil help me in make a decision to turn it
> to active mode..:)
Try this:
$ audit2allow --help
audit2allow [-d] [-v] [-l] [-i <inputfile> ] [-o <outputfile>]
-d read input from output of /bin/dmesg
-v verbose output
-l read input only after last "load_policy"
-i read input from <inputfile>
-o append output to <outputfile>
$ audit2allow -v -1 /var/log/messages
This will not only tell you what SELinux is complaining about, it will
give you the basic information needed to configure your local policy file
in:
/etc/selinux/targeted/src/policy/domains/misc/local.te
To implement policy changes, edit the local.te file as indicated by
audit2allow and rebuild your SELinux policy files with:
$ /etc/selinux/targeted/src/policy/make reload
Be advised however that audit2allow may suggest policy alterations that
are broader than strictly necessary. It is probably worth your while to
post your contemplated policy changes here and get some informed opinions
about whether they actually should be more restrictive.
To do any of this you need to first install the selinux-policy-targeted rpm.
Regards,
Jim
--
*** e-mail is NOT a secure channel ***
James B. Byrne mailto:ByrneJB.<token>@Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3CE delivery <token> = hal