[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: selinux / semodule question



Hi

Selinux/ semodule has broken my kernel as now all I am getting now is run out of input data.

Looking at the email below I need to run semodule -r.  Can some tell me where this is located.  I am runing my box in rescue mode.

Thanks

Gordon
> 
> From: Daniel J Walsh <dwalsh redhat com>
> Date: 2006/03/14 Tue PM 09:16:35 GMT
> To: For testers of Fedora Core development releases <fedora-test-list redhat com>
> Subject: Re: selinux / semodule question
> 
> Brian Millett wrote:
> > I've been trying to understand selinux on my laptop. 
> > I'm running rawhide.  I have SELINUX=enforcing and SELINUXTYPE=targeted.
> > I've had a few audit messages when I try to use NetworkManager & a vpn 
> > connection. 
> > To debug it, I ran audit2why and saw that all of the denied where from 
> > a missing or disabled
> > TE.
> > I have ran (I'm sure there are other ways)
> >
> > audit2why < /var/log/audit/audit.log | audit2allow -M local
> >
> > and then ran semodule -i local.pp
> >
> > It seem to have loaded the local.pp.
> >
> > Do I need to put the "semodule -i local.pp" in a rc.local for each 
> > boot?  Or is it automagic?
> >
> > Thanks.
> No once you do a semodule -i, it permanently modifies the policy on 
> disk.  the pp file is no longer required, unless you want to install it 
> on other machines or if you remove the policy later using semodule -r.
> 
> 
> -- 
> fedora-test-list mailing list
> fedora-test-list redhat com
> To unsubscribe: 
> https://www.redhat.com/mailman/listinfo/fedora-test-list
> 



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]