On Mon, 2007-02-26 at 13:41 -0500, Mark Haney wrote: > I have selinux running on one of my servers and followed the FAQ on FC5 > to build a local module that allows some scripts I"ve built to run > correct on this server. > > However I'm encountering a problem. When I try to run semodule -i > local.pp I get this: > > > /usr/sbin/semodule -i local.pp > > /usr/sbin/semodule: Could not read file 'local.pp': > > I've tried adding the path to the local.pp file, but it makes no > difference. Has anyone else had this problem? Likely a permission denial (check /var/log/audit/audit.log or /var/log/messages for avc messages); semodule not being allowed to take input from your home directory. Try: # cp local.pp /usr/share/selinux/ # semodule -i /usr/share/selinux/local.pp Suggest using fedora-selinux-list in the future for these kinds of questions. -- Stephen Smalley National Security Agency
