On Sat, 2006-03-18 at 22:45 -0800, Antony Nguyen wrote: > Hi Craig, > > On Sat, 18 Mar 2006, Craig White wrote: > > >> Can anyone give me a hint as to how to add an selinux policy for pyzor or > >> enable its ability to resolve names? > >> > > ---- > > try this... > > > > yum install selinux-policy-targeted-sources > > cd /etc/selinux/targeted/src/policy > > audit2allow -d >> domains/local.te > > make reload > > > > I won't explain and I'm just guessing that will work for you. > > Thanks, that seems to have done the trick. I'm running auditd so I > actually used: > > audit2allow -i /var/log/audit/audit.lg >> domains/misc/local.te > > This begs the question though: should this be part of the > spamassassin/pyzor policy shipped with Fedora? I pretty much used > the standard FC4 installation of spamassassin (spamd) and pyzor > (not pyzord) with the only configuration on my part was running > 'pyzor discover' as root to download the pyzor server list. > Should I submit this as a 'bug' or RFE to the SELinux guru, or is > this local policy considered to be a regular sysadmin task that > we'll just have to deal with? > ---- I honestly don't know...Paul will probably check in before too long...he's very sharp on selinux and might be able to give you a better answer than I can. I vaguely recollect a discussion similar to this on the selinux list a week or so ago, but I'm a child of the 60's and I've toasted too many brain cells to retain information that I wasn't interested in. ---- > > A sadist is a masochist who follows the Golden Rule. ---- enjoyed that - actually appropriated it for use elsewhere...thanks Craig
