On Tue, 2008-05-13 at 11:30 -0700, Daniel B. Thurman wrote:
|You can certainly generate a local policy module that gives access
to
|fusefs_t, but it would be better if we could get the context mount
|option to work.
I will try anything you suggest. Let me know if you can
resolve this issue, otherwise let me know (in detail) how
to write a policy as a last resort?
To generate local policy for this issue, you'd do something like this:
$ su -
# ausearch -m AVC | grep fuse | audit2allow -M myfuse
# semodule -i myfuse.pp
Then the fuse-related denials should be allowed.
--
Stephen Smalley
National Security Agency