get the red and green back (really consoletype, rhgb)
Daniel J Walsh
dwalsh at redhat.com
Wed Sep 22 18:46:42 UTC 2004
Russell Coker wrote:
>On Sat, 18 Sep 2004 04:35, Tom London <selinux at gmail.com> wrote:
>
>
>>Need this in rhgb.te:
>>
>>--- /etc/selinux/strict/src-1.17.18-1/policy/domains/program/rhgb.te
>> 2004-09-17 11:32:00.886510890 -0700
>>+++ ./rhgb.te 2004-09-17 11:33:42.601099238 -0700
>>@@ -34,7 +34,7 @@
>> allow insmod_t rhgb_t:fd use;
>>
>> allow rhgb_t ramfs_t:filesystem { mount unmount };
>>-allow rhgb_t root_t:dir { mounton };
>>+allow rhgb_t { root_t mnt_t }:dir { mounton };
>> allow rhgb_t rhgb_t:capability { sys_admin };
>> dontaudit rhgb_t var_run_t:dir { search };
>>
>>Otherwise can't mount....
>>
>>
>
>Does it still need access to mount on type root_t?
>
>RHGB doesn't work for me at the moment due to other errors so I can't test.
>
>
>
No I removed root_t.
More information about the fedora-selinux-list
mailing list