Debian SE Linux policy bug

December 9, 2006December 9, 2006| etbeDebian SE Linux policy bug| 0 Comment| 11:48
Categories :
Tags: 
checkmodule -m -o local.mod local.te
semodule_package -o local.pp -m local.mod
semodule -u local.pp

Save the following policy as local.te and then run the above commands to make semodule work correctly and to also allow restorecon to access the console on boot.

module local 1.0;

require {
        class chr_file { read write };
        class fd use;
        type restorecon_t;
        type tmpfs_t;
        type initrc_t;
        type semanage_t;
        role system_r;
};

allow restorecon_t tmpfs_t:chr_file { read write };
allow semanage_t initrc_t:fd use;

Related posts:

  1. SE Linux on Debian in 5 minutes Following from my 5 minute OSDC talk yesterday on 5...
  2. Debian SE Linux Yesterday Erich Schubert blogged about reducing Debian SE Linux work...
  3. planet debian, spam, and SE Linux In regard to my post yesterday about Planet Debian I...
  4. a newbie question about SE Linux and anti-spam measures An anti-spam measure that is used by a very small...
  5. combining two domains in SE Linux To get the maximum value out of my writing when...

Related Post

Is a GPG pass-phrase Useful?

July 9, 2008 July 9, 2008 | etbe Is a GPG pass-phrase Useful? | 9 Comments | 07:01
Does a GPG pass-phrase provide a real benefit to the majority of users? It seems [...]
View MoreView More

Random Opinions, Expert Opinions, and Facts about AppArmor

September 4, 2008 September 4, 2008 | etbe Random Opinions, Expert Opinions, and Facts about AppArmor | 11 Comments | 20:53
My previous post titled AppArmor is Dead [1] has inspired a number of reactions. Some [...]
View MoreView More

installing Debian Etch

December 23, 2006 December 23, 2006 | etbe installing Debian Etch | 0 Comments | 20:59
A few days ago I installed Debian/Etch on my Thinkpad. One of the reasons for [...]
View MoreView More