Query regarding booleans
Daniel J Walsh
dwalsh at redhat.com
Tue Feb 10 14:24:15 UTC 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Deependra Singh Shekhawat wrote:
> Greetings,
>
> I have written a selinux policy in fedora which actually have a boolean
> declared within the policy and when the boolean is on some allow rules are
> written which actually come into picture. But if the boolean is off the
> SELinux denial message doesn't suggest the user to actually switch on the
> boolean. I have seen in the normal case with the default booleans this is
> not the case and the denial actually suggest the user to switch on the
> boolean. I believe I need to do something more then what I am currently
> doing that's why I am asking here.
>
> Can you suggest me anything regarding this ?
>
> Warm Regards
> Deependra Singh Shekhawat
>
>
>
> ------------------------------------------------------------------------
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
Are you talking about setroubleshoot not suggesting the correct solution?
What is setroubleshoot suggesting? Also as Steven Says if you run
audit2allow -w -a
on the avc's does it suggest the boolean?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkmRjg8ACgkQrlYvE4MpobMZIgCggAW+jaapkepwB0mawtKevh6j
2UEAniwTDSHzegmoguH60B5j+yC6ng5I
=30zQ
-----END PGP SIGNATURE-----
More information about the fedora-selinux-list
mailing list