You can examine the policy created (/etc/local-selinux-policy/local001.te), and then load it with:Ĭheckmodule -M -m -o local001.mod local001.te Once the audits have appeared, create a local policy using audit2allow:Īudit2allow -l -a -m local001 > /etc/local-selinux-policy/local001.te Now recreate the situation that causes the audit (stop/start vsftpd, transfer files, etc.). Then, reload policy to get a clean start for audit2allow, and set permissive mode to collect all required authorizations: Yum install selinux-policy-targeted policycoreutils libselinux selinux-policy libselinux-python libselinux-devel policycoreutils-python libselinux policycoreutils-gui libselinux-utils policycoreutils-sandbox checkpolicy First, make sure you have the necessary packages installed (all the following as root): You'll need to create a local policy to allow the access.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |