one-script policy
m.roth at 5-cent.us
m.roth at 5-cent.us
Tue Nov 12 21:47:47 UTC 2013
Daniel J Walsh wrote:
> On 11/12/2013 03:36 PM, m.roth at 5-cent.us wrote:
>> policy_module(myapp, 1.0.0) apache_content_template(myapp)
> Strange. It works for me.
>
> Did you have any garbarge in the te file?
>
Damn, I hate the configuration on this list, where by default, if I don't
hit reply all, I reply *only* to the sender.
Anyway, it wasn't instantly clear to me that I needed to create a .te - I
thought it was coming out of that first step. Also, if I create it using
grep avc /var/log/audit/audit.log | grep sudo | audit2allow, what I see is
for httpd_sys_script_t, and I *don't* want *all* scripts with that type to
have the same rights. Do I make a new name there?
mark
More information about the selinux
mailing list