On 03/05/2010 07:44 AM, Stephen Smalley wrote:
On Thu, 2010-03-04 at 21:29 -0600, Robert Nichols wrote:
> And, it appears that I have to remember to re-install all local policy
> modules every time there is a policy update, right?? :-((
No, that shouldn't be necessary - once you've installed a policy module,
it stays in the policy store and should get re-linked into the final
policy on subsequent transactions unless/until it gets explicitly
removed (via semodule -r). Have you encountered a particular situation
where this hasn't been true?
False alarm. It was an error I made running audit2allow on 2 instances
of the same AVC rather than one each of 2 very similar AVCs. The policy
update that occurred at about that same time was a red herring.
--
Bob Nichols "NOSPAM" is really part of my email address.
Do NOT delete it.