There's no local.te in my system. I'm running FC5. Also, there is no
such rpm or anything similar in the yum repositories. Yes,
audit2allow gave me the rules to add, two of them indeed. The problem
now is where to add them. Any idea?
Thanks a lot for your help, I really appreciate it.
EJ
On Jul 8, 2006, at 4:11 PM, David G. Miller wrote:
redhatdude@xxxxxxxxxxxxx wrote:
Well, I'm stuck here if there's no easy way to fix my problem. I
can't understand how daemons such as syslogd or crond are not
allowed to send emails through postfix. I'm only left with an
option, disable selinux, which sucks. I tried to read the
documentation and it's a lot to swallow. On top of that, FC5 has
different locations for all those files, different from what the
selinux documentation says. For example, I don't have a src
directory inside /etc/selinux/targeted/ and there's no single
file ending with .te in my system.
This is frustrating. Thanks for your help Dave
EJ
PS. The selinux list is completely dead, one email in 24 hours.
So much for getting help there.
Sorry. Been long enough since I went through all of this that I
didn't remember some of the details. There is a ruleset source RPM
you need to install to be able to create a custom ruleset.
Something like "yum install selinux-policy-targeted-sources" should
get you the source for the stock targeted ruleset and the ability
to make changes via a custom ruleset. It will also create the
required directory structure under /etc/selinux/targeted/. The
memory of the pain is all coming back to me now....
Not sure what the scoop is on postfix since "standard" RPMs tend to
come with any required SELinux rulesets for them to at least work
doing default behavior (e.g., if you install httpd you can set up a
simple web server but any "interesting" CGI behavior requires
customizing the ruleset). audit2allow is your friend here since
you can just turn off enforcing mode and see what complaints
SELinux generates, run audit2allow to find out what ruleset changes
are required and, most of the time, just add the suggested rules to
local.te.
Cheers,
Dave
--
Politics, n. Strife of interests masquerading as a contest of
principles.
-- Ambrose Bierce
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list