Hi, I want to build an RPM package which contains an custom SELinux policy for the daemon. I know that there is a new, more modularized SELinux architecture in FC5 and later (which makes this probably much easier) but I need to support RHEL 4/CentOS, too. I know how to use audit2allow to do some minor modifications but I don't know currently how to build RPM packages which ship a new SELinux policy without requiring the SELinux source modules (e.g. selinux-policy-targeted-sources) on RHEL 4 at install time. Any pointers? Ideas welcome. fs
I like to rephrase my question slightly: My problem is very similar to this one: Author: Davide Bolcioni Date: 27 Apr 2005 Subject: "Is there a SELinux tutorial for ISVs ?" http://www.redhat.com/archives/fedora-selinux-list/2005-April/msg00244.html If I understand this thread correctly, it is not possible to ship binary policies in CentOS/RHEL 4. Reading the SELinux guide [1], I think it is possible to ship a complete policy but not a single/minor tweak to an existing policy. Correct? fs [1] "8.4. Deploying Customized Binary Policy", http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/selinux-guide/selg-section-0107.html
Possibly Parallel Threads
- SELinux modification
- NOT Solved - Re: SELinux policy to allow Dovecot to connect to Mysql
- NOT Solved - Re: SELinux policy to allow Dovecot to connect to Mysql
- How to disable selinux protection interfering with pppd? I tried audit2allow, but policy does not load. Is there an seboolean?
- Broken Selinux Postfix Policy?