Archives

Categories
«  
  »

Debian SE Linux policy bug

checkmodule -m -o local.mod local.te
semodule_package -o local.pp -m local.mod
semodule -u local.pp

Save the following policy as local.te and then run the above commands to make semodule work correctly and to also allow restorecon to access the console on boot.

module local 1.0;

require {
        class chr_file { read write };
        class fd use;
        type restorecon_t;
        type tmpfs_t;
        type initrc_t;
        type semanage_t;
        role system_r;
};

allow restorecon_t tmpfs_t:chr_file { read write };
allow semanage_t initrc_t:fd use;

Related posts:

  1. SE Linux on Debian in 5 minutes Following from my 5 minute OSDC talk yesterday on 5...
  2. Debian SE Linux Yesterday Erich Schubert blogged about reducing Debian SE Linux work...
  3. planet debian, spam, and SE Linux In regard to my post yesterday about Planet Debian I...
  4. a newbie question about SE Linux and anti-spam measures An anti-spam measure that is used by a very small...
  5. combining two domains in SE Linux To get the maximum value out of my writing when...
December 9th, 2006 | Tags: | Category: Security

Comments are closed.