On Fri, May 19, 2006 at 12:13:15PM -0500, Hongwei Li wrote:
>
> The problem is I need to re-do for local.te from time to time, and whenever I
> run (after rebooting)
> # audit2allow -M local < /var/log/audit/audit.log
> the line
>
> allow httpd_t shadow_t:file { getattr read write };
>
> is automatically added to local.te -- [...]
> How to fix the problem?
How about something like this?
audit2allow -l -i /var/log/audit/audit.log | grep -v shadow >> local.te
--
Kayvan A. Sylvan | Proud husband of | Father to my kids:
Sylvan Associates, Inc. | Laura Isabella Sylvan, | Katherine Yelena (8/8/89)
I did and got:

# audit2allow -l -i /var/log/audit/audit.log | grep -v shadow >> local.te
# checkmodule -M -m -o local.mod local.te
checkmodule: loading policy configuration from local.te
(unknown source)::ERROR 'unknown type dovecot_auth_t' at token ';' on line 33:
allow procmail_t tmp_t:dir { search write };
allow dovecot_auth_t initrc_var_run_t:file { read write };
checkmodule: error(s) encountered while parsing configuration

I manually edited local.te to add a line

type dovecot_auth_t;

and ran it again, then got

# checkmodule -M -m -o local.mod local.te
checkmodule: loading policy configuration from local.te
(unknown source)::ERROR 'unknown type initrc_var_run_t' at token ';' on line 34:
allow procmail_t tmp_t:dir { search write };
allow dovecot_auth_t initrc_var_run_t:file { read write };
checkmodule: error(s) encountered while parsing configuration

Line 34 is:

allow dovecot_auth_t initrc_var_run_t:file { read write };

What to do next? Thanks!
Hongwei
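
An added example, not from the thread or from the SELinux tools: the checkmodule errors above arise because the appended allow rules use types that the require block of local.te does not list, so this Python filter drops rules that mention shadow_t and regenerates the whole module with a matching require block. It goes slightly beyond the thread by also handling `self` targets and single unbraced permissions. The function name build_module, its parameters and the module version 1.0 are assumptions; the sample rules are the ones quoted in the thread.

```python
import re
from collections import defaultdict

# One audit2allow-style rule: allow <source> <target>:<class> <perm | { perms }>;
RULE = re.compile(r"^\s*allow\s+(\w+)\s+(\w+):(\w+)\s+(?:\{([^}]*)\}|(\w+))\s*;")

def build_module(rules_text, name="local", version="1.0", drop_types=("shadow_t",)):
    """Return complete module source for the allow rules in rules_text.

    Rules that mention a type in drop_types are left out, and every type,
    class and permission the remaining rules use is listed in require { }.
    """
    types, classes, kept = set(), defaultdict(set), []
    for line in rules_text.splitlines():
        m = RULE.match(line)
        if not m:
            continue  # comments, blank lines, anything that is not a plain allow rule
        source, target, cls, perm_set, perm_one = m.groups()
        if source in drop_types or target in drop_types:
            continue  # e.g. httpd_t access to shadow_t is never granted
        perms = (perm_set or perm_one).split()
        # "self" is a keyword, not a type, so it must not appear in require
        types.update(t for t in (source, target) if t != "self")
        classes[cls].update(perms)
        rule = f"allow {source} {target}:{cls} {{ {' '.join(perms)} }};"
        if rule not in kept:  # repeated audit2allow runs produce duplicates
            kept.append(rule)
    out = [f"module {name} {version};", "", "require {"]
    out += [f"\ttype {t};" for t in sorted(types)]
    out += [f"\tclass {c} {{ {' '.join(sorted(p))} }};" for c, p in sorted(classes.items())]
    out += ["}", ""] + kept
    return "\n".join(out) + "\n"

# Constructed sample input, using the rules quoted in the thread.
SAMPLE = """\
allow httpd_t shadow_t:file { getattr read write };
allow procmail_t tmp_t:dir { search write };
allow dovecot_auth_t initrc_var_run_t:file { read write };
"""

if __name__ == "__main__":
    print(build_module(SAMPLE), end="")
```

The output is meant to replace local.te rather than be appended to it, after which the checkmodule command from the thread is run on the regenerated file.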