Query regarding booleans

Deependra Singh Shekhawat deepsa at fedoraproject.org
Thu Feb 12 03:29:23 UTC 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sorry,

My gmail is not configured properly and by default it is sending reply
to you and not the list.

Yes I am using RHEL 5 update 2.

Thanks

Daniel J Walsh wrote:
> Deependra Singh Shekhawat wrote:
>> On Thu, Feb 5, 2009 at 11:26 PM, Stephen Smalley <sds at tycho.nsa.gov> wrote:
> 
>>> On Wed, 2009-02-04 at 21:18 -0800, Deependra Singh Shekhawat wrote:
>>>> Greetings,
>>>>
>>>>
>>>>
>>>> I have written a selinux policy in fedora which actually have a
>>>> boolean declared within the policy and when the boolean is on some
>>>> allow rules are written which actually come into picture. But if the
>>>> boolean is off the SELinux denial message doesn't suggest the user to
>>>> actually switch on the boolean. I have seen in the normal case with
>>>> the default booleans this is not the case and the denial actually
>>>> suggest the user to switch on the boolean. I believe I need to do
>>>> something more then what I am currently doing that's why I am asking
>>>> here.
>>>>
>>>>
>>>>
>>>> Can you suggest me anything regarding this ?
>>> If you feed the denial message to audit2why, does it suggest changing
>>> the boolean?
>>>
>>> --
>>> Stephen Smalley
>>> National Security Agency
>>>
>>>
>> Sorry for a late reply.
> 
>> Yes it says to look for boolean settings but it doesn't mention any boolean
>> name as such.
> 
>> Thanks
> 
> 
>> ------------------------------------------------------------------------
> 
>> --
>> fedora-selinux-list mailing list
>> fedora-selinux-list at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
> RHEL5?

- --
RHCE/RHCSS Certificate number: 804006843818597
Type: pub
bits/keyID: 1024D/483B234C
Date: 2007/06/29
Key Server: pgp.mit.edu
User ID: Deependra Singh Shekhawat (Fedora Project)
<jeevanullas at gmail.com> <deepsa at fedoraproject.org>
Key fingerprint: ED45 62EA A4D7 53FB 44C7  774A D55B F3F0 483B 234C
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkmTl5MACgkQ1Vvz8Eg7I0z3WgCgzneMi5q9a5w7e840WQneQSfV
GYsAn32wQMu1YZ/jtFnWa/4BgRH6x/q5
=Rptm
-----END PGP SIGNATURE-----




More information about the fedora-selinux-list mailing list