-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Tony Molloy wrote: > On Thursday 31 January 2008 23:15:50 Henning Larsen wrote: >> On Fri, 2008-02-01 at 09:36 +1030, Tim wrote: >>> On Thu, 2008-01-31 at 19:02 +0100, Henning Larsen wrote: >>>> btw, I can live with it since the alert has gone and I use enforcing >>>> mode. >>> Though, going by what you posted earlier using audit2allow, you've >>> probably disabled SELinux from doing anything about Samba. Enforcing no >>> rules isn't really enforcing SELinux... >>> >>> This is the same sort of thing as some firewall telling a user that the >>> firewall has blocked trojan from using the internet, and the user clicks >>> on allow access. You have to diagnose the fault, not just get rid of >>> the warning. >>> >>> -- >>> (This computer runs FC7, my others run FC4, FC5 & FC6, in case that's >>> important to the thread.) >>> >>> Don't send private replies to my address, the mailbox is ignored. >>> I read messages from the public lists. >> I did belive that too, my problem now is that I don't know how to >> reverse what I did to stop the alerts. >> Do you have an answer to that? >> > > locate mysamba.pp > > rm -f ...active/mysamba.pp > rm -f .../previous/mysamba.pp > > reboot > > Tony > >> btw. my router is firewalled against samba, so there is no big security >> issue. >> >> Henning Larsen > > semodule -r mysamba is the proper way to do this Just removing the pp files will not effect the policy until the next time the policy is rebuild. So doing the rm -f ...active/mysamba.pp would need to be followed by semodule -B and no reboot would be necessary. (This is not windows.) Henning, what AVC's are you seeing? What did the te file that you loaded look like? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkejINQACgkQrlYvE4MpobPzSQCff21FJt9688xvR4ca73QLIKSh 8aUAoK3XXt6mrEnrqmq/r0KcfbL9v0uE =LFSH -----END PGP SIGNATURE-----
