Dontaudit rule for $HOME/.ssh and samba
Trevor Hemsley
trevor.hemsley at codefarm.com
Wed Feb 24 15:47:52 UTC 2010
Thanks everyone that replied. I've added something akin to this and it
appears to be working - at least no AVCs for ~18 hours now so I think so.
On 23/02/2010 18:06, Daniel J Walsh wrote:
>
> # cat > mysmbd.te << _EOF
> policy_module(mysmbd, 1.0)
>
> require {
> type smbd_t;
> type sshd_key_t;
> }
>
> dontaudit smbd_t sshd_key_t:file getattr;
> _EOF
> # make -f /usr/share/selinux/devel/Makefile
> # semodule -i mysmbd.pp
--
Trevor Hemsley
Infrastructure Engineer
.................................................
* C A L Y P S O
* Brighton, UK
OFFICE +44 (0) 1273 666 350
FAX +44 (0) 1273 666 351
.................................................
www.calypso.com
This electronic-mail might contain confidential information intended
only for the use by the entity named. If the reader of this message is
not the intended recipient, the reader is hereby notified that any
dissemination, distribution or copying is strictly prohibited.
* P * /*/ Please consider the environment before printing this e-mail /*/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/selinux/attachments/20100224/dd8a6b1c/attachment.html
More information about the selinux
mailing list